Here is the rewritten content without changing its meaning, retaining the original length, and keeping proper headings and titles as required:
The Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a warning to Gmail and Microsoft Outlook users regarding a potentially devastating ransomware scheme. Earlier this week, the US government agencies released an alert about Medusa, a ransomware-as-a-service software responsible for attacks since 2021, which has recently affected hundreds of individuals. According to CISA, Medusa primarily uses phishing campaigns to steal victims’ credentials. To protect against this ransomware, the agencies suggested patching operating systems and keeping devices updated, using multi-factor authentication for services like email and VPNs, using strong passwords, and avoiding frequent password changes.
According to the advisory (seen by the news agency AP), Medusa developers and affiliates, known as “Medusa actors,” employ a double extortion strategy, encrypting victims’ data and threatening to expose the stolen information if the ransom isn’t paid. Medusa runs a data-leak site that lists victims with countdowns to the potential release of their data.
“Ransom demands are posted on the site, with direct hyperlinks to Medusa-affiliated cryptocurrency wallets. At this stage, Medusa concurrently advertises the sale of the data to interested parties before the countdown timer ends. Victims can additionally pay $10,000 in cryptocurrency to add a day to the countdown timer,” the advisory noted.
Furthermore, CISA highlighted that Medusa developers and affiliates have targeted over 300 victims across various industries, including healthcare, education, legal, insurance, technology, and manufacturing since last month.
Last week, the FBI also warned about a surge in “smishing” attacks targeting iPhone and Android users. These scams use fraudulent texts to steal personal and financial data. Cybercriminals have registered over 10,000 domains, fueling a fourfold increase in attacks since January 2025, putting millions at risk of identity theft and fraud, the previous warning noted.
Source Link
