FBI warns Gmail, and Outlook users about data theft scheme!

FBI warns that the Medusa variant has conducted hundreds of attacks across industries in collaboration with CISA and MS-ISAC

A program has held hundreds of victims' data hostage for ransom and others could be next, according to a warning from multiple government agencies.

Medusa, a "ransomware-as-a-service variant used to conduct ransomware attacks," has hit more than 300 known victims in "critical infrastructure areas" as of February, warned in a March 12 cybersecurity advisory published by multiple agencies: the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center. (MS-ISAC).

To prevent ransomware attacks like Medusa’s, the agencies warn anyone using webmail services like Gmail and Microsoft Outlook, as well as virtual private networks (VPNs), to start using multifactor authentication — which sends a security code via text, email, or app that must be input to access the relevant account.

According to CISA, this simple technique “adds a critical, additional layer of security to protect asset accounts whose credentials have been compromised.”

And, if a person falls victim to a Medusa or similar ransomware attack, the FBI, CISA, and MS-ISAC "do not encourage paying the ransom because the payment does not guarantee that the victim's files will be recovered," the agencies said in the advisory.

“In addition, payments may encourage adversaries to target additional organizations, engage in the distribution of ransomware to other criminal actors, and/or fund illicit activities,” they said, adding that whether or not a ransom has been paid, ransomware incidents should be reported to the FBI or CISA.

READ MORE