Medusa Ransom Group Hacks into Gujarat Mining Company Demanding $500K Ransom
A ransomware gang breached the Gujarat Mineral Development Corporation (GMDC) data network on April 1. The gang, called ‘Medusa’, first announced on March 23 on its blog, ‘Medusa Blog’, a blog privy to hacker networks, that it was in possession of several GBs of sensitive data belonging to GMDC’s office in Ahmedabad and had compromised the ‘admin’ of the network. Medusa demanded $500,000 in ransom from GMDC by April 1 to decrypt the documents.
The Medusa ransomware gang took control of administrator rights and allegedly had access to Office365 users’ emails, including the attached documents. There were lists of corporate business clients with whom GMDC does business, maintenance contracts for a power plant, several tender documents, an infrastructure evaluation report conducted by Schneider Electric for GMDC, several IP addresses of employees and their devices, and employees’ personal details.