SYMBOLCOMMON_NAMEaka. SYNONYMS
win.medusa (Back to overview)

Medusa

According to Unit 42, Medusa surfaced as a ransomware-as-a-service (RaaS) platform in late 2022 and gained notoriety in early 2023, primarily targeting Windows environments. Medusa should not be confused with a similarly named RaaS, MedusaLocker, which has been available since 2019.

References
2025-10-06MicrosoftMicrosoft Threat Intelligence
Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Medusa Storm-1175
2025-03-12CISACISA, FBI, MS-ISAC
Medusa Ransomware
Medusa
2024-09-18loginsoftT B L N Shashank Mannar
Medusa Ransomware: Evolving Tactics in Modern Cyber Extortion
Medusa
2024-01-11Palo Alto Networks Unit 42Anthony Galiette, Doel Santos
Medusa Ransomware Turning Your Files into Stone
Medusa
2023-04-19Bleeping ComputerBill Toulas
March 2023 broke ransomware attack records with 459 incidents
Clop WhiteRabbit BianLian Black Basta BlackCat LockBit Medusa PLAY Royal Ransom

There is no Yara-Signature yet.