He FBI has issued a cybersecurity warning about a ‘Ransomware as a service’ (RAAS) called Jellyfish that has affected, since 2021, to more than 300 people ‘from various sectors of critical infrastructure’.
Ransomware is a type of malware that Figure the files of a computer, blocking user access to the device. The attackers demand the payment of a rescue (Ransom in English) to provide the deciphering key and restore access to the affected data. RAAS is an illicit business model in which ransomware developers They create and offer their malicious software to other criminals in exchange for a part of the profits obtained through attacks. Is similar to the model of AS A SERVICE SOFTWARE (SAAS), but applied to cybercrime.
Initially, cybercriminals get access to victims devices through Phishing attacks or the exploitation of unbridled software vulnerabilities. According to the FBI, Medusa developers They offer potential payments between $ 100 and 1 million to initial access intermediaries (IAB) that recruit for forums and markets of cybercriminals to obtain access to possible victims.
Once achieved, the malicious actors They demand a ransom so that the victims recover their data and avoid their dissemination, indicating that the contact is made within 48 hours. ‘If the victim does not respond to the rescue note, Medusa actors They will communicate directly by phone or email‘, warns the report.
The FBI highlights a case in which a victim was extorted three timessince a second cyber -related cyber -related said that the first attacker had stolen the rescue money and demanded a new payment.
How to protect from Medusa ransomware
To protect themselves from ransomware, the FBI recommends that all accounts use Long passwords and that they change with regularityin addition to using Multifactor authentication -Prepheribly through an authentication application instead of text messages- and maintain operating systems and software updated.
He also advises support data and information elsewhereas in the cloud or on a hard drive, with backups, encrypt them and be cautious when clicking on links and when you open or download attachments, especially if they are received by email or text message, since Mail addresses can be easily falsified and seem legitimate without being.