MEDUSA Ransomware Strikes Again: New Victims Targeted

The notorious MEDUSA ransomware group has resurfaced once again, this time targeting three new victims: GEMCO Constructors, Dynamo Electric, and Farnell Packaging. The group’s dark web portal has listed these companies as the latest additions to their growing list of victims.

Demanding a hefty sum of US $900,000 from GEMCO and $100,000 each from Dynamo and Farnell Packaging, the ransomware group has threatened to leak the internal data of these organizations if the ransom is not paid.

GEMCO Constructors, based in Indianapolis, Indiana, USA, is facing the threat of 1.0 TB of data being published within 6-7 days. Meanwhile, Dynamo Electric in Saskatchewan, Canada, and Farnell Packaging, a Canadian company in the packaging industry, have also allegedly been compromised, with 149.6 GB and 193.9 GB of data accessed, respectively.

Despite these claims by the MEDUSA ransomware group, the official websites of the targeted companies remain operational, with no apparent signs of a cyberattack. The organizations have not yet responded to the allegations, leaving the situation unverified.

This latest attack adds to MEDUSA’s track record of targeting organizations across various industries and countries since its emergence in June 2021. Operating as a Ransomware-as-a-Service platform, the group provides malicious software and infrastructure for ransomware attacks.

As organizations grapple with the aftermath of cyberattacks like those orchestrated by MEDUSA, the importance of robust security measures and vigilance in the face of such threats cannot be understated.