Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Ransom Notes:

IOC 
$$\      $$\ $$$$$$$$\ $$$$$$$\  $$\   $$\  $$$$$$\   $$$$$$\  
$$$\    $$$ |$$  _____|$$  __$$\ $$ |  $$ |$$  __$$\ $$  __$$\ 
$$$$\  $$$$ |$$ |      $$ |  $$ |$$ |  $$ |$$ /  \__|$$ /  $$ |
$$\$$\$$ $$ |$$$$$\    $$ |  $$ |$$ |  $$ |\$$$$$$\  $$$$$$$$ |
$$ \$$$  $$ |$$  __|   $$ |  $$ |$$ |  $$ | \____$$\ $$  __$$ |
$$ |\$  /$$ |$$ |      $$ |  $$ |$$ |  $$ |$$\   $$ |$$ |  $$ |
$$ | \_/ $$ |$$$$$$$$\ $$$$$$$  |\$$$$$$  |\$$$$$$  |$$ |  $$ |
\__|     \__|\________|\_______/  \______/  \______/ \__|  \__|
-----------------------------[ Hello, [snip] !!! ]--------------------------

Sorry to interrupt your busy business.

WHAT HAPPEND?
------------------------------------------------------------
1. We have PENETRATE your network and COPIED data.
We have penetrated your entire network and researched all about your data.
And we have copied all of your confidential data and uploaded to private storage.
* You're running a highly valued business and your data was very crucial.

2. We have ENCRYPTED your files.
While you are reading this message, it means your files and data has been ENCRYPTED by world's strongest ransomware.
Your files have encrypted with new military-grade encryption algorithm and you can not decrypt your files.
But don't worry, we can decrypt your files.

There is only one possible way to get back your computers and servers, keep your privacy safe - CONTACT us via LIVE CHAT and pay for the special 
MEDUSA DECRYPTOR and DECRYPTION KEYs.
This MEDUSA DECRYPTOR will restore your entire network within less than 1 business day.


WHAT GUARANTEES?
---------------------------------------------------------------
We can post all of your critial data to the public and send emails to your competitors.
We have professional OSINTs and media team for leak data to telegram, facebook, twitter channels and top news websites. You can easily search about us.
You can suffer significant problems due to disastrous consequences, leading to loss of valuable intellectual property and other sensitive information, 
 costly incident response efforts, information misuse/abuse, loss of customer trust, brand and reputational damage, and legal and regulatory issues.

After paying for the data breach and decryption, we guarantee that your data will never be leaked and make everything silent, this is also for our reputation.

YOU should be AWARE!
---------------------------------------------------------------
We will speak only with an authorized person. It can be the CEO, top management etc.
In case you ar not such a person - DON'T CONTACT US! Your decisions and action can result in serious harm to your company!
Inform your supervisors and stay calm!


If you do not contact us within 48 hours, We will start publish your case to our official blog and everybody will start notice your incident!
--------------------[ Telegram channel ]--------------------

https://t.me/+yXOcSjVjI9tjM2E0


--------------------[ Official blog tor address ]--------------------
Using TOR Browser(https://www.torproject.org/download/):

http://xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion/
http://cx5u7zxbvrfyoj6ughw76oa264ucuuizmmzypwum6ear7pct4yc723qd.onion/


CONTACT US!
----------------------[ Your company live chat address ]---------------------------
Using TOR Browser(https://www.torproject.org/download/):

http://uyku4o2yg34ekvjtszg6gu7cvjzm6hyszhtu7c55iyuzhpr4k5knewyd.onion/[snip]

Backup Mirrors:
http://5ar4vuckm3k7osdlzskqkaqmqr4jjpmdikuotmlpkrbsxx7ard3xetyd.onion/[snip]

--------------------[ Or Use Tox Chat Program(https://utox.org/uTox_win64.exe) ]--------------------
Add user with our tox ID : 061AA6BDE8F6DE6C92F0D6E077359BF6911FCAF80030E82B3A3DB65E63C8011343D34F956FEC

Our support email: ( MedusaSupport@cock.li )

Company identification hash:
[snip]
Indicators of Compromise
Type IOC
email MedusaSupport@cock.li
onion url http://5ar4vuckm3k7osdlzskqkaqmqr4jjpmdikuotmlpkrbsxx7ard3xetyd.onion/[snip]
onion url http://cx5u7zxbvrfyoj6ughw76oa264ucuuizmmzypwum6ear7pct4yc723qd.onion/
onion url http://uyku4o2yg34ekvjtszg6gu7cvjzm6hyszhtu7c55iyuzhpr4k5knewyd.onion/[snip]
onion url http://xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion/
tox id 061AA6BDE8F6DE6C92F0D6E077359BF6911FCAF80030E82B3A3DB65E63C8011343D34F956FEC
telegram url https://t.me/+yXOcSjVjI9tjM2E0