Galaxy Watch Ultra with over 30% discount!

Attacks on your Gmail can force you to pay ransom to keep data and secrets from cybercrooks

By
1comment
Google News Follow
Follow us on Google News
Apps Google
Skull and cross-bones stare through a smartphone display at the phone's user.
Ransomware does exactly what you might think it does. It holds some of your personal and most sensitive data by encrypting it and preventing you from accessing this information. However, if you pay the ransom demanded by the attacker, the victim will receive the encryption key necessary for him to access his data. An organization does not want to get caught in a ransomware scheme for fear of having its data stolen, its operations disrupted, and its financials negatively impacted.

FBI warns individuals and organizations about a ransomware attack called "Medusa"


The FBI has issued a warning about a ransomware attack called "Medusa." As of last month, more than 300 people have been victimized by the ransomware. These victims have come from various industries including the medical, education, legal, insurance, technology, and manufacturing sectors. Unlike personal malware attacks that aim to steal an individual's personal account information and credentials with the ultimate goal of cleaning out the victim's financial accounts and identities, ransomware uses a different strategy.

U.S. agencies suggest that individuals and organizations take these actions. | Image credit-CISA - Attacks on your Gmail can force you to pay ransom to keep data and secrets from cybercrooks
U.S. agencies suggest that individuals and organizations take these actions. | Image credit-CISA

The attack is aimed at high-net-worth individuals and corporations who can afford to pay a huge ransom in order to get their data back. The FBI has created a list of actions that it says organizations should take care of right away to reduce the potentially serious impact of "Medusa." These suggestions include:

  1. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date within a risk-informed span of time.
  2. Segment networks to restrict lateral movement from initial infected devices and other devices in the same organization.
  3. Filter network traffic by preventing unknown or untrusted origins from accessing remote services on internal systems.

"Medusa" has evolved over the years and is now runs what is considered a double extortion model that encrypts victims' data and seeks to earn big bucks by giving the victim the encryption key needed to access the stolen data only if the ransom is paid. At the same time, the attackers also threaten to publicly release stolen data and other swiped information if the ransom is not paid. Most ransom notices demand that the victim acknowledge the receipt of the ransom note within 48 hours using the Tor privacy browser.

Medusa runs a .onion data leak site complete with a countdown timer. Ransom demands are posted on the site along with links to Medusa-affiliated cryptocurrency wallets. Ads offer the stolen data to interested parties before the countdown timer ends. Victims can add a day to the countdown timer by paying an addition $10,000. The attackers try to make the victims feel that paying a ransom is just another walk through a park.

You can help yourself by using long passwords for your apps and accounts changing them frequently


According to the U.S. government, Medusa developers employ initial access brokers (IABs) in cybercriminal forums and marketplaces. The IABs specialize in accessing an organization's network and sell this access to threat actors, ransomware groups, or other bad actors. The IABs typically use phishing campaigns to steal passwords and other credentials used by victims. They also exploit CVE-listed software flaws.

Whether you're dealing with your own apps and accounts, or those belonging to a company, use long passwords that you change frequently. Also consider the use of two-factor authentication. The latter requires the user to sign in online and via his phone when logging into an app or website.

Recommended Stories
As you can see, this is a very regimented attack and is one that all corporations, organizations, and even individuals need to be aware of. The FBI says to be wary of clicking on links found on emails and texts and opening and downloading attachments. Email addresses could look real even if they are fake. These addresses would be among the first places to look for proof that an email or text is dangerous. Misspelled corporate names, poor punctuation, and bad grammar are signs that an email or text is a potential bomb looking to blow up your organization or personal accounts.
Did you enjoy reading this article?
There's more to explore with a FREE members account.
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Manage your newsletter choices
Register For Free
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Senior News Writer
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile extends another peace offering to customers after uproar over rate increase [UPDATED]
T-Mobile extends another peace offering to customers after uproar over rate increase [UPDATED]
Consumers already making AT&T, T-Mobile and Verizon pay for price hikes
Consumers already making AT&T, T-Mobile and Verizon pay for price hikes
T-Mobile offers mobile phone users a free year of Starlink satellite coverage
T-Mobile offers mobile phone users a free year of Starlink satellite coverage
T-Mobile customers urged to show kindness after price hike notification
T-Mobile customers urged to show kindness after price hike notification
The 256GB Galaxy Tab S9 plunges to a ridiculously low price at 47% off on Amazon
The 256GB Galaxy Tab S9 plunges to a ridiculously low price at 47% off on Amazon
AT&T rep crosses the line by doing something unimaginable using customer's phone
AT&T rep crosses the line by doing something unimaginable using customer's phone

Latest News

Verizon boss encourages his teen sons to call instead of text and that's the reason he's doing it
Verizon boss encourages his teen sons to call instead of text and that's the reason he's doing it
I'm not ready to cut the cord for a portless iPhone 17 Air yet
I'm not ready to cut the cord for a portless iPhone 17 Air yet
How to check if your personal data has been leaked – for free
How to check if your personal data has been leaked – for free
Huawei expected to debut another new form factor to the smartphone market later this year
Huawei expected to debut another new form factor to the smartphone market later this year
Switching to AT&T online should be easy - but for some, it's anything but
Switching to AT&T online should be easy - but for some, it's anything but
Unmissable deals are coming—Amazon reveals the dates of its 2025 Big Spring Sale
Unmissable deals are coming—Amazon reveals the dates of its 2025 Big Spring Sale
FCC OKs Cingular\'s purchase of AT&T Wireless