On April 8, NASCAR was added to Medusa’s dark web data leak website. According to the threat actor, more than one terabyte of data was stolen. “1038.70 GB of data was leaked in total,” Medusa stated. NASCAR has ten days to respond to the dark web countdown timer. The gang promises to add one day to the timer for $100,000, but they are seeking $4 million to download and remove the data. Hackers have already released a large amount of private information to support their accusations. The whole stolen data file tree structure is included, along with a few primary folders called “work main,” “engineering,” “accounting,” “race data,” and “share data.”
Additionally, Medusa made 33 screenshots of different datasets and documents public. They include credentials, like titles, phone numbers, and email addresses, as well as information about workers and maybe other people. Invoices, financial reports, incident report designs, sponsorships, and other internal papers were also made public by Medusa. There is also one map of a raceway’s grounds. According to the information given, the data theft may be authentic. After all, the Medusa ransomware is a very strong cybercrime ring that has attacked vital infrastructure hundreds of times.
NASCAR has not yet verified or refuted any of the Medusa ransomware’s allegations, though. Cybernews is awaiting a response from the corporation after contacting it for comment. One of the top-ranked racing organizations in the world, NASCAR is the sanctioning body and operator of the most popular motorsports in the United States. Stock car racing gained popularity thanks to NASCAR, which also oversees more than 1,500 races annually at more than 100 tracks across 48 US states, Canada, Mexico, Brazil, and Europe.
What is Medusa?
A ransomware-as-a-service variation called Medusa is used to carry out ransomware attacks. Since its initial discovery in June 2021, this ransomware gang has compromised more than 300 victims in vital infrastructure sectors.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning businesses on how to protect themselves from this threat in response to the gang’s growing activities. A double-, and occasionally even triple-, extortion model is used by the hackers. In other words, they steal victim data, encrypt it, and threaten to make the information publicly available if the ransom is not paid. According to some victims, they were approached once more and requested to pay for a “true decryptor.” Medusa recruits hackers to gain first access to possible victims through its involvement in cybercrime forums and marketplaces. The ring has been seen promising the chance to work exclusively for Medusa and initial access brokers between $100 and $1 million.
