Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Medusalocker

Medusa is a DDoS bot written in .NET 2.0. In its current incarnation its C&C protocol is based on HTTP, while its predecessor made use of IRC.
External information

Victims
51
 
First Discovered
2022-11-15
victim
Last Discovered
2025-11-18
victim
Inactive Since
123
days
Avg Delay
80.9
days
Infostealer
0.0%
victims with domain

View Victims on World Map

View group statistics

Known Locations (4)
Favicon Title Type Available Last Visit Server Info FQDN
favicon None No 2025-06-01 21:19:12 qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion
favicon Ransomware blog – We will not give ourselves a name. Just watch out for the leakage of your data:) No 2025-12-18 23:30:18 z6wkgghtoawog5noty5nxulmmt2zs7c3yvwr22v4czbffdoly2kl4uad.onion
favicon Medusa Chat No 2025-06-01 21:20:10 95.143.191.148:3000
favicon Human Verify No 2025-06-01 21:20:46 medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion
Target (Available)
Top 5 Activity Sectors
  • Technology 2
  • Energy 2
  • Business Services 1
  • Manufacturing 1
  • Healthcare 1
Top 5 Countries
  • US flag United States 4
  • AE flag United Arab Emirates 1
  • HU flag Hungary 1
  • DE flag Germany 1
  • CO flag Colombia 1
Heatmap (Available)
Ransom Notes (1)
Tools Used (Available)
This information is provided by Ransomware-Tool-Matrix
Discovery RMM Tools Defense Evasion Credential Theft OffSec Networking LOLBAS Exfiltration
Advanced IP Scanner
Advanced Port Scanner
SoftPerfect NetScan
Remote Desktop Plus (RDP+)
HRSword
PCHunter
ProcessHacker
Invoke-TheHash
Mimikatz
Impacket
PsExec
Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (1)
Indicators of Compromise (IoCs) (20)
SHA256 19 TOX 1
Type IOC
sha256 dc4840a0992b218cbedd5a7ac5c711cb98f1f9e78a8ffdea37c694061dfd34c6
sha256 48046fb0e566f5a2d184f84b76d6cadc458762556daed0ae4a3a1200afbefb54
sha256 c0c726a23111c220d022fcd01a85f9788249e42baece03f83b6059170453b801
sha256 012657c4548d9c98223caa4cc7aa52fc083d6983d42fde16ca3271412e7fe3fe
sha256 8edbb1944d94ff91ee917c31590b6d1d5690a52fc153e44355ee9749aa0f4625
sha256 364f1b7466d8e4c9f55294ecf1f874c763bcf980c59b0250c613ac366def6aca
sha256 5d5d639fdfbf632bb7d9f1bb28731217d09d36078ab5e594baf2a5a41267a5d2
sha256 33a8024395c56fab4564b9baef1645e505e00b0b36bff6fad3aedb666022599a
sha256 b8c994e3ed7dcc9080916119ddc315533c129479f508676d7544b82b2e24745f
sha256 63eb3d2886d9cb880c9b0d54b94f3e149b3b5b6215a33a0ef63588a09dcd4499
sha256 270c3354b3ee2940b499e365eaba143fba9d458f434dc38e663dc0f08e96121e
sha256 759b96f44806578cc0836a3a2bf11c8bc553effac72f8d28b94aec78b66be906
sha256 9f066975f1e02b29c7c635280f405c59704ce4f4e06b04e9ac8a7eac22acd3c7
sha256 8bc455e5de35290f8a94376357947bd72aaf6f4d452c25a8ef444e037ef76b9f
sha256 d00f7cf6af68ba832b9d364f28411346cfe66fd3b1f5bcac318766add29ff7f0
sha256 1f2df15442593b159e45d16a27e4d43d3a9062da212a588ba4c048f214a0b7be
sha256 1e9246e6a35731143368eaa0ade4f3cf576d6b22e6090152f6e94f1fa3070651
sha256 6ae3a58a78be9c606009c657de4e390538b21ad951e62b6f4d31138e1a75732c
sha256 2eddfe711c32ef1668e14a10d00452c83c29e394e17c41f491550a1583c1bcac
tox E9CD65687463F67F64937E961DD723DC82C79CB548375AAE8AA4A0698D356C5E7E157B22E8CD
Victims (51)
Logo
dulay.ca CA
Medusalocker
Discovered: 2025-11-18  ·  Attack est.: 2025-11-17
Price-$40000 (sale in one hand there are options for making a profit from these files will be includ…
Logo
usenergy US
Medusalocker
Discovered: 2025-09-14
Price-$120000 (sale in one hand there are options for making a profit from these files will be inclu…
Logo
UnigazJordan JO
Medusalocker
Discovered: 2025-05-30
www.unigaz.net $690.6 Million The list of files is available at the link https://dropmefiles.com/9HG…
Logo
Mulia Raya ID
Medusalocker
Discovered: 2025-05-29
www.muliaraya.co.id $34.8 Million The list of files is available at the link https://dropmefiles.com…
Logo
Curtain Bluff AG
Medusalocker
Discovered: 2025-03-25
www.curtainbluff.com Curtain Bluff files Vacationer information (personal data), audit information (…
Logo
Inversiones Clinica Del Meta SA CO
Medusalocker
Discovered: 2025-02-28
www.clinicameta.co Description employee information – patient information – agreements – password da…
Logo
MICRO MANUFACTRING
Medusalocker
Discovered: 2025-02-12  ·  Attack est.: 2025-02-06
Micro Manufacturing Inc. Descriptionemployee information – agreement – customer email(.xls)-.msg out…
Logo
bendixengineering US
Medusalocker
Discovered: 2025-01-09
Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files Data-2016-2024…
Logo
SILKNET COMPANY US
Medusalocker
Discovered: 2024-11-26
URL:https://silknet.com https://geocell.ge/ On sale:Company email base(about 1tb)Customer dataCompan…
Logo
Protected: HIDE NAME
Medusalocker
Discovered: 2024-05-09
There is no excerpt because this is a protected post.…
Logo
SHAMASS.ORG US
Medusalocker
Discovered: 2024-05-02  ·  Attack est.: 2024-04-22
Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files Price-$50000 (…
Logo
Protected: HIDE NAME SELL DATA SOON
Medusalocker
Discovered: 2024-04-26  ·  Attack est.: 2024-04-25
There is no excerpt because this is a protected post.…
Logo
Protected: Name is hidden
Medusalocker
Discovered: 2023-11-29
There is no excerpt because this is a protected post.…
Logo
skalar.com
Medusalocker
Discovered: 2023-11-29
There is no excerpt because this is a protected post.…
Logo
Ada-Borup-West School
Medusalocker
Discovered: 2023-10-23
Descriptionemployee information – student information – all contracts Price: 35000$…
Logo
wellons.org
Medusalocker
Discovered: 2023-10-23
Descriptionemployee information – agreement – customer email(.xls)- pst files 15+GB all outlook mess…
Logo
Confidential files
Medusalocker
Discovered: 2023-10-02
A large number of documents of large companies are available for sale Revenue-$10-$70kk Financial do…
Logo
INSULCANA CONTRACTING LTD
Medusalocker
Discovered: 2023-08-03  ·  Attack est.: 2023-07-27
Descriptionemployee information – agreement – customer email(.xls)- passport all canada and other do…
Logo
Protected: INSULCANA CONTRACTING LTD
Medusalocker
Discovered: 2023-07-27
There is no excerpt because this is a protected post.…
Logo
Protected: Hidden name
Medusalocker
Discovered: 2023-07-17
There is no excerpt because this is a protected post.…
Logo
Hoosier Equipment company
Medusalocker
Discovered: 2023-07-04
DescriptionClient Case – agreement – email(.msg)- and other documents Price: 60000$…
Logo
Ucamco Belgium
Medusalocker
Discovered: 2023-07-02
DescriptionClient Case – customers email-Audit information-There is also access to email for newslet…
Logo
reutlingen.ihk.de DE
Medusalocker
Discovered: 2023-06-24  ·  Attack est.: 2023-06-16
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents PRICE-$80000…
Logo
Hausamman company
Medusalocker
Discovered: 2023-06-24  ·  Attack est.: 2023-06-16
DescriptionClient Case – customers email-documents PRICE-$20000…
Logo
kafflogistic.hu HU
Medusalocker
Discovered: 2023-06-24  ·  Attack est.: 2023-06-17
DescriptionClient Case – agreement – email(outlook files)- contracts – and other documents PRICE-$50…
Logo
SELL DATA(qtox)
Medusalocker
Discovered: 2023-06-24  ·  Attack est.: 2023-06-17
Available for sale: to buy please contact qtox price negotiable qtox-E9CD65687463F67F64937E961DD723D…
Logo
Jalux Americas, Inc.
Medusalocker
Discovered: 2023-06-14  ·  Attack est.: 2021-11-03
DescriptionClient Case – agreement – email(.msg) – and other documents Price: 160000$The company fai…
Logo
arborsct.com
Medusalocker
Discovered: 2023-06-14
DescriptionClient Case – agreement – email(.msg)- and other documents Price: 60000$ One copy will be…
Logo
Salmon Software
Medusalocker
Discovered: 2023-06-03  ·  Attack est.: 2022-07-11
DescriptionClient Case – agreement – email(.msg)- passport- and other documents Price: 120000$ Three…
Logo
LETAPE JEUNES
Medusalocker
Discovered: 2023-06-03  ·  Attack est.: 2023-06-02
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents(passports) PRICE-$…
Logo
bsw-architects.com
Medusalocker
Discovered: 2023-04-11
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents PRICE-$80000 There…
Logo
DGLEGAL
Medusalocker
Discovered: 2022-11-15
No description available
Logo
emscrm
Medusalocker
Discovered: 2022-11-15
No description available
Logo
MIDAS Company
Medusalocker
Discovered: 2022-11-15
No description available
Logo
AURIS KONINKLIJKE AURIS GROEP
Medusalocker
Discovered: 2022-11-15
No description available
Logo
fidelityunited.ae AE
Medusalocker
Discovered: 2022-11-15
No description available
Logo
goldcreekfoods
Medusalocker
Discovered: 2022-11-15
No description available
Logo
exheat.com
Medusalocker
Discovered: 2022-11-15
No description available
Logo
hwrpc.com
Medusalocker
Discovered: 2022-11-15
No description available
Logo
tristatefabricators_inc
Medusalocker
Discovered: 2022-11-15
No description available
Logo
atlantisholidays
Medusalocker
Discovered: 2022-11-15
No description available
Logo
archimages inc
Medusalocker
Discovered: 2022-11-15
No description available
Logo
ALTlTUDE AEROSPACE INC
Medusalocker
Discovered: 2022-11-15
No description available
Logo
Fonderia Boccacci
Medusalocker
Discovered: 2022-11-15
No description available
Logo
Zelena Laguna Hotel
Medusalocker
Discovered: 2022-11-15
No description available
Logo
LEGAZPIBANK
Medusalocker
Discovered: 2022-11-15
No description available
Logo
MCCLEAN16 company
Medusalocker
Discovered: 2022-11-15
No description available
Logo
lawtrade company
Medusalocker
Discovered: 2022-11-15
No description available
Logo
Autosoft company
Medusalocker
Discovered: 2022-11-15
No description available
Logo
BIOPLAN
Medusalocker
Discovered: 2022-11-15
No description available
Logo
Dyatech company
Medusalocker
Discovered: 2022-11-15
No description available