CyberSecurity news
FlagThis - #medusa
|
@hackread.com
//
The Medusa ransomware group has claimed responsibility for a cyberattack on NASCAR, alleging the theft of over 1TB of data. In a posting on its dark web leak site, Medusa has demanded a $4 million ransom for the deletion of NASCAR's data. The group has placed a countdown timer on the leak site, threatening to make the stolen data available to anyone on the internet after the deadline. The countdown deadline can be extended at a cost of $100,000 per day.
To verify its claim, Medusa has published screenshots of what it claims are internal NASCAR documents. These include names, email addresses, and phone numbers of NASCAR employees and sponsors, as well as invoices, financial reports, and more. Furthermore, the ransomware gang has published a substantial directory illustrating NASCAR's internal file structure and the names of documents that have been exfiltrated. While NASCAR has not yet confirmed or denied reports of the attack, the details published by Medusa on its leak site appear credible. The Medusa ransomware group operates under a ransomware-as-a-service (RaaS) model and is known for its double extortion tactics. The FBI and CISA issued a joint cybersecurity advisory last month warning that Medusa ransomware had impacted over 300 organizations, including those in critical infrastructure sectors such as medical, education, legal, insurance, technology, and manufacturing. Past victims include Minneapolis Public Schools, which refused to pay a million-dollar ransom and saw approximately 92 GB of stolen data released to the public.
Share:
References :
Classification:
|