Thirtyseven4 EDR Security: MedusaLocker Wreaking Havoc

First observed in 2019, MedusaLocker (Medusa ransomware) continues to wreak havoc, rearing its ugly head (pun intended!) time and time again as we close out 2023. Operating as ransomware-as-a-service (RaaS), MedusaLocker is a notorious strain of malware that employs a double extortion tactic: (1) stealing data before encryption, and then (2) rendering the victim’s data inaccessible until a ransom is paid.

This malware has been causing widespread damage (in both time and money) to individuals, churches, businesses, and schools. Earlier this year, the MedusaLocker gang launched a successful attack on the students, teachers, and staff of the Minneapolis Public School District (MPSD). The widely publicized assault resulted in nearly 100GB of confidential information being illegally uploaded to the web, including intelligence tests, allegations of abuse by teachers, and psychological reports.

While some features of MedusaLocker have evolved over time (i.e. booting up in safe mode before execution and file encryption), the core goals and impacts remain constant. MedusaLocker's impacts include:

1. Data loss – loss of important files, documents, and other data upon encryption
2. Financial loss – encrypted files are held for ransom, and users are asked to pay steep prices to decrypt the files that were affected

As the calendar year ends, the Thirtyseven4 EDR Security ThreatLab is routinely adding new signatures, generic detections, and behavioral-based enhancements to its detection and prevention engines to thwart existing and future MedusaLocker threats. Examples of recently added signatures include:

• Medusa.S27286013
• Medusa.S13913779
• MedusaLock.S9836707
• YakbeexMSIL.ZZ4
• Medusa.S10272352

As cybercriminals continually evolve their tactics, the threat of MedusaLocker remains ever-present, but the proactive awareness and protection of users can also evolve with it. 

How can my organization or school defend itself against MedusaLocker?

  1. Install strong EDR security software, such as Thirtyseven4 EDR Security.
  2. Keep Thirtyseven4 EDR Security up to date.
  3. Due to the trend of MedusaLocker being widely distributed over email, do NOT download or open any attachments from unknown sources.
  4. Avoid clicking on any unverified link. The leading cause of ransomware attacks is clicking on untrusted links and attachments.
  5. Regularly update your operating system, applications, and software to fix known vulnerabilities, often exploited by ransomware.
  6. Back up your data so that it can be easily recovered and restored in case of encryption.

Medusa is best known in ancient Greek art for having hair made of snakes and for her ability to turn anyone she looked at to stone. The MedusaLocker ransomware and its effects on a network are just as frightening and immobilizing.

But we’ll never have to look MedusaLocker in the face (or experience its effects) if we employ strong security that averts Medusa’s threatening gaze.

Be aware of the latest threats, but save yourself the paralyzing effects of having to look them in the eyes.  Thirtyseven4 EDR Security.  Trust us to protect you.




About Thirtyseven4 EDR Security:

Thirtyseven4 EDR Security exceeds cyber security insurance requirements and includes:

• Advanced EDR Capabilities
• A.I. based Ransomware Protection
• Next-Generation Malware Engine
• Automated Curative Response
• Advanced Next-Generation Anti-virus protection
• Automated/Monitored/Dynamic Endpoint Detection & Response (EDR) functionality
• Removal of Current Antivirus Product
• Integrated Patch Management
• Anti-Keylogger modules
• Asset Management
• Firewall
• PC-Tuning
• Content Filtering
• Malware Detection & Removal
• Vulnerability Scanning
• Email Security
• Advanced Device Control

If you’re interested in receiving a no-obligation quote for Thirtyseven4 EDR Security, please complete the form located at:
https://www.thirtyseven4.com/get-a-quote/

We are grateful to be serving over 2,400 schools, businesses and non-profits across the nation, and Thirtyseven4 EDR Security cares for our customers! We want the higher level of security and service for you, and Thirtyseven4 EDR Security is it.

 

Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.