Intel Name: #stopransomware: medusa ransomware
Date of Scan: March 13, 2025
Impact: High
Summary: This joint Cybersecurity Advisory is part of the ongoing #StopRansomware initiative, providing network defenders with insights into ransomware variants and threat actors. These advisories share observed tactics, techniques, procedures (TTPs), and indicators of compromise (IOCs) to enhance protection. Medusa, a ransomware-as-a-service (RaaS) variant first identified in June 2021, has impacted over 300 victims as of February 2025. Targeted industries include healthcare, education, legal, insurance, technology, and manufacturing.
