The infamous MEDUSA ransomware group has resurfaced, targeting two prominent companies and demanding significant ransoms for the decryption of encrypted data. The victims of these cyberattacks are Karam Chand Thapar & Bros. (Coal Sales) Ltd, based in India, and Windak Group, a Sweden-based cable packaging equipment manufacturer. Both incidents have been added to the MEDUSA ransomware group’s dark web portal, where they typically share information about their latest victims.
Additionally, for Windak Group, the ransom amount demanded by the threat actors is $100,000, with a deadline for payment set at 9 days, 23 hours, 20 minutes, and 3 seconds from the time of the cyberattack. Meanwhile, Karam Chand Thapar & Bros., an Indian company specializing in coal services and logistics, is faced with a ransom demand of $200,000, with a payment deadline of 9 days, 22 hours, 57 minutes, and 50 seconds.
Furthermore, efforts are currently underway to verify these ransom claims by The Cyber Express, which has reached out to both targeted companies. As of now, there has been no official response from either company, leaving the validity of the MEDUSA cyberattacks unconfirmed. Additionally, the websites of the victims show no visible signs of the cyberattacks on their front end, further complicating the situation.
This recent wave of attacks follows a pattern previously observed with MEDUSA, where the group publicizes their victims using a consistent method. The cybercriminal group continues to pose a growing threat to organizations worldwide, emphasizing the need for robust cybersecurity measures to combat ransomware attacks.