Medusa Ransomware (c387c7e0-b8d9-4475-8672-c1285e38f2a1)

This object reflects the ATT&CK Techniques associated with the Medusa Ransomware encryptor tool. Medusa is a ransomware-as-a-service (RaaS) operation that employs a double extortion model, encrypting victim data and threatening to release exfiltrated data if a ransom is not paid.[U.S. CISA Medusa Ransomware March 12 2025]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Medusa Ransomware Actors (316a49d5-5fe0-4e0b-a276-f955f4277162) | Tidal Groups | Medusa Ransomware (c387c7e0-b8d9-4475-8672-c1285e38f2a1) | Tidal Software | 1 |