MedusaLocker ransomware is typical ransomware that uses the single extortion model, meaning that the ransomware encrypts its victim’s data and demands ransom for the decryption key. Although MedusaLocker threatens its victims to release stolen sensitive data, there is no evidence of data exfiltration.
MedusaLocker also uses the Ransomware-as-a-Service (RaaS) business model. The developer of the MedusaLocker shares the ransomware with other threat actors in return for a share of the ransom payment.
Threat actors that use MedusaLocker ransomware often use vulnerable RDP services to gain initial access to their victim’s network. After initial access, the ransomware follows the typical ransomware attack lifecycle and blocks victims from accessing their data.
No Data Found
© ALL RIGHTS RESERVED TO DarkFeed 2023