what is medusa ransomware

Medusa ransomware is a type of malware that encrypts and locks victims files and then demands a ransom in exchange for the decryption key. It was first observed in June 2021 and is considered an active threat. The Medusa ransomware gang has been targeting corporate victims worldwide with million-dollar ransom demands. Medusa ransomware appears to operate as a Ransomware-as-a-Service (RaaS) model where developers work with global affiliates and share the profits. The Medusa ransomware operation launched around June 2021 and has been using a ransom note named !!!READ_ME_MEDUSA!!!.txt and a static encrypted file extension of .MEDUSA. Unfortunately, no known weaknesses in the Medusa ransomware encryption allow victims to recover their files for free. Researchers will continue to analyze the ransomware to find ways to protect against it.