Dark Reading reports:
Medusa ransomware attacks are increasingly becoming a core tool for a threat group known as “Spearwing,” which has amassed hundreds of victims since 2023; nearly 400, in fact, have been listed on its leak site.
The ransom demands when using Medusa ransomware range from $100,000 to a whopping $15 million, according to Symantec’s threat hunter team.
Symantec’s researchers believe that Spearwing is taking advantage of the wide-open gap in the ransomware space with the decline of groups like Noberus and LockBit, eager to make a name for itself with its continuously increasingly activity.
Spearwing and its affiliates operate like many ransomware operators do: carrying out double extortion attacks and stealing data before encrypting networks in order to add pressure to the victim for a ransom payment.
Read more at Dark Reading.
