MedusaLocker Ransomware: An In-Depth Technical Analysis and Prevention Strategies | allinfosecnews.com

Oct. 16, 2023, 12:25 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Estimated reading time: 5 minutes

Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. MedusaLocker employs AES and RSA encryption techniques to encrypt victims’ data.

Technical analysis

At the start, it performs a check for the presence of a Mutex. If the Mutex does not exist, it proceeds to create the Mutex using the CreateMutexW() function, as shown in the below fig:

Fig: Creating …

aes analysis check data encrypt encryption healthcare healthcare industries hospital industries medusalocker presence prevention ransomware research rsa rsa encryption start strategies technical technical analysis techniques

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Ticketmaster confirms customer data breach 3 hours ago | malware.news

breach cloud cloud database customer +18

What the Biggest-Ever Botnet Takedown Means 1 day ago | malware.news

botnet distribution financial industrial +5

Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks 1 day, 1 hour ago | malware.news

access attacks authentication cloud +22

OpenAI report reveals threat actors using ChatGPT in influence operations 1 day, 2 hours ago | malware.news

article campaigns chatgpt disruption +12

Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud 1 day, 2 hours ago | malware.news

android android app app bahrain +17

Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 2 hours ago | malware.news

article attacks bugs fastly +11

Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 3 hours ago | malware.news

article attack board breach +17

Vulnerability impacting Check Point Network Security Gateways (CVE-2024-24919) 1 day, 4 hours ago | malware.news

article canadian canadian centre for cyber security check +14

Google Chrome security advisory (AV24-306) 1 day, 5 hours ago | malware.news

advisory article canadian canadian centre for cyber security +11

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Engineering Practice Lead

@ NCC Group | GBR Manchester Hardman Boulevard

View on infosec-jobs.com

Senior Cyber Security Engineer - Cloud & Multifactor Authentication

@ General Motors | GM Global Technical Center - Michigan IT Innovation Center

View on infosec-jobs.com