BleepingComputer reports that the Medusa distributed denial-of-service botnet has reemerged with a new Mirai-based variant, which is being pegged as a malware-as-a-service offering for DDoS.
Ransomware functionality has been added to the new Medusa variant, which can now search all directories for various file types, particularly documents and vector design files, and encrypt them with 256-bit AES, according to a report from Cyble.
However, the encryption process was found to be flawed, with the botnet serving only as a data wiper that deletes all encrypted files within 24 hours. Researchers noted that the issue indicates the new Medusa botnet is still under development. The botnet gathers system information but does not steal user data prior to encryption.
The new Medusa strain also contains a brute forcer aimed at compromising Telnet services, but the final payload was discovered to have incomplete support for particular commands.
SiliconAngle reports that ransomware attacks against the educational sector increased significantly from 2018 to 2022 and are expected to reach a record high this year, with the 85 attacks recorded during the first half of 2023 being almost two times higher than in the same period in 2022.
Air Canada has confirmed being impacted by a data breach that compromised some of its employees' limited personal data and other records, reports The Record, a news site by cybersecurity firm Recorded Future.