Ransomware

Medusa Ransomware: How Supply Chain Infiltration Became Their Signature Move

Medusa ransomware operators have refined a playbook that targets managed service providers and software vendors as stepping stones into hundreds of downstream victims.

Shadab Khan
Threat Intelligence Analyst
6 min read

Medusa ransomware has carved out a unique niche in the ransomware-as-a-service ecosystem since its emergence in mid-2022. While most ransomware operators focus on direct exploitation of internet-facing services or phishing campaigns, Medusa affiliates have shown a consistent preference for supply chain infiltration -- compromising service providers and software vendors to gain access to their customers.

This approach is not new, but Medusa's systematic refinement of the technique makes it worth studying. By 2024, the group had compromised over 300 organizations, with a significant percentage of those victims reached through upstream provider compromise rather than direct attack.

The MSP Gateway Strategy

Medusa affiliates have demonstrated a clear pattern of targeting managed service providers as their preferred initial access vector. The logic is straightforward: a single MSP compromise can yield access to dozens or hundreds of client environments.

The typical attack flow looks like this:

  1. Initial reconnaissance identifies MSPs through public client lists, case studies, and partnership announcements
  2. Credential harvesting targets MSP employees through spear-phishing campaigns tailored to IT service contexts
  3. RMM tool abuse leverages the MSP's own remote management tools (ConnectWise, Datto, NinjaRMM) to move laterally into client networks
  4. Selective deployment chooses which client environments to encrypt based on apparent revenue and insurance coverage

The genius of this approach is that it abuses trusted channels. When an MSP's RMM tool pushes software to client endpoints, those clients do not question it. The trust relationship between provider and customer becomes the attack vector.

Case Study: The Regional MSP Incident

In March 2024, Medusa affiliates compromised a regional MSP serving approximately 45 small and medium businesses across the healthcare and legal sectors. The attackers spent 11 days inside the MSP's environment before deploying ransomware to 28 of the 45 client networks simultaneously.

The initial access came through a compromised VPN credential belonging to a former employee -- the account had not been deactivated. Once inside, the attackers:

  • Mapped the MSP's client management infrastructure
  • Identified which clients had cyber insurance (checking documentation in the MSP's PSA tool)
  • Prioritized targets based on perceived ability to pay
  • Used the MSP's own backup management tools to delete client backup catalogs before deploying the encryptor

The simultaneous deployment across 28 organizations overwhelmed incident response capacity in the region. Several victims paid ransoms because the MSP's own recovery capabilities had been destroyed.

Software Vendor Targeting

Beyond MSPs, Medusa has shown interest in compromising software vendors directly. Two incidents in 2024 involved attacks on niche vertical software companies -- one serving the dental industry and another providing practice management software for accounting firms.

In both cases, the attackers gained access to build environments and explored the possibility of trojanizing software updates. While neither incident resulted in a confirmed supply chain compromise through software updates, the reconnaissance activity indicated clear intent.

The dental software incident was particularly concerning because the attackers spent three weeks in the build environment, studying the CI/CD pipeline and release process. They ultimately chose to deploy ransomware directly rather than attempt the more complex supply chain attack, but the reconnaissance data they collected could inform future operations.

Technical Indicators

Medusa's tooling has evolved significantly since 2022. Current affiliates commonly deploy:

  • Custom PowerShell loaders that fetch the encryptor from temporary infrastructure
  • Modified versions of legitimate RMM tools for persistence, particularly AnyDesk and TeamViewer
  • Living-off-the-land techniques using PsExec, WMI, and native Windows remote management
  • Custom data exfiltration tools that compress and encrypt stolen data before uploading to attacker-controlled cloud storage

The encryptor itself uses a combination of AES-256 and RSA-2048, appending the .MEDUSA extension to encrypted files. The group maintains a Tor-based leak site where they post stolen data and conduct public negotiations with victims.

Negotiation Tactics

Medusa's negotiation approach is unusually aggressive. The group operates a public leak site where they post countdown timers for each victim. When the timer expires, stolen data is published. But they also offer victims three options:

  1. Pay the ransom to decrypt files and prevent data publication
  2. Pay a separate fee just to delay the publication timer (typically $10,000 per day of extension)
  3. Pay to delete the data without receiving a decryptor

This tiered approach maximizes revenue extraction. Even organizations that have backups and do not need the decryptor face pressure to pay for data deletion. The time-extension option creates a sense of urgency while generating immediate revenue.

Defensive Gaps

The supply chain focus of Medusa's operations exposes several common defensive gaps:

MSP trust relationships are rarely monitored. Most organizations treat connections from their MSP's tools as implicitly trusted: RMM tool activity patterns are seldom subject to anomaly detection, and MSP access is often exempted from conditional access policies.

Vendor access controls are overly permissive. Software vendors with support access to customer environments often have standing privileges rather than just-in-time access. These persistent connections become attack paths when the vendor is compromised.

Backup isolation is insufficient. When attackers have access to the MSP's backup management console, they can destroy backups across all managed clients simultaneously. Air-gapped or immutable backups managed independently of the MSP are rare.

Supply chain incident response plans do not exist. Most incident response plans assume a direct attack. When the compromise comes through a trusted provider, the detection, containment, and recovery playbooks need to be fundamentally different.

Defending Against the Medusa Playbook

Organizations can take concrete steps to reduce their exposure to Medusa-style supply chain attacks:

For MSP clients:

  • Require MFA on all MSP access points, managed by your organization rather than the MSP
  • Monitor RMM tool activity for anomalous patterns (unusual hours, unusual target systems)
  • Maintain independent backups that the MSP cannot access or modify
  • Include MSP compromise scenarios in your incident response plan
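One way to act on the second bullet (monitoring RMM activity for unusual hours, unusual target systems, and the many-clients-at-once pattern from the case study), as an added example that is not from the article or from any RMM vendor. The log format, the technician-to-client roster, the business-hours window and the fan-out thresholds are all assumptions constructed for this demo.

```python
"""Flag anomalous RMM sessions from an MSP into client networks.

Added example, not from the original article. Log format, client
roster, business hours and thresholds are constructed assumptions.
"""
from collections import defaultdict
from datetime import datetime

# Constructed RMM audit lines: timestamp, technician, client, target host.
SAMPLE_LOG = """\
2024-03-11T14:02:10Z jsmith LawFirmA LAWA-FS01
2024-03-11T14:40:55Z jsmith LawFirmA LAWA-WS07
2024-03-12T02:17:05Z jsmith DentalB DENB-BACKUP01
2024-03-12T02:18:30Z jsmith DentalB DENB-DC01
2024-03-12T02:19:02Z jsmith LawFirmA LAWA-BACKUP01
2024-03-12T02:19:40Z jsmith ClinicC CLIC-DC01
2024-03-12T02:20:11Z jsmith ClinicC CLIC-BACKUP01
"""

ASSIGNMENTS = {"jsmith": {"LawFirmA"}}  # assumed: exported from the PSA tool
BUSINESS_HOURS = range(7, 19)           # assumed: 07:00-18:59 UTC
FANOUT_WINDOW_SEC = 600                 # many clients within 10 minutes
FANOUT_CLIENTS = 3

def parse(log):
    events = []
    for line in log.strip().splitlines():
        ts, tech, client, host = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), tech, client, host))
    return events

def find_anomalies(log):
    """Return (reason, detail) findings; one event may produce several."""
    events = parse(log)
    findings = []
    for ts, tech, client, host in events:
        tag = f"{ts.isoformat()} {tech} {client} {host}"
        if ts.hour not in BUSINESS_HOURS:
            findings.append(("off_hours", tag))
        if client not in ASSIGNMENTS.get(tech, set()):
            findings.append(("unassigned_client", tag))
        if "BACKUP" in host.upper():          # backup hosts warrant extra scrutiny
            findings.append(("backup_host", tag))
    # Fan-out: one technician reaching many clients in a short window is the
    # signature of a simultaneous multi-client deployment.
    by_tech = defaultdict(list)
    for ts, tech, client, _ in events:
        by_tech[tech].append((ts, client))
    for tech, sessions in by_tech.items():
        sessions.sort()
        for i, (start, _) in enumerate(sessions):
            clients = {c for t, c in sessions[i:] if (t - start).total_seconds() <= FANOUT_WINDOW_SEC}
            if len(clients) >= FANOUT_CLIENTS:
                findings.append(("multi_client_fanout", f"{tech} reached {len(clients)} clients from {start.isoformat()}"))
                break
    return findings
```

On the constructed log the two daytime sessions to the technician's own client produce nothing, while the 02:17 burst trips every rule.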

For organizations using third-party software:

  • Monitor update channels for unexpected or unsigned updates
  • Implement application allowlisting that validates software signatures
  • Maintain an SBOM for critical applications to detect unexpected component changes
  • Segment networks so that software update processes do not have broad lateral access
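One way to implement the SBOM comparison from the third bullet, as an added example that is not code from the article or from Safeguard.sh. The two SBOMs are constructed, CycloneDX-style dictionaries with placeholder hashes; the field subset used (components with name, version and hashes) follows CycloneDX, but real SBOMs carry many more fields.

```python
"""Diff a baseline SBOM against the SBOM of a newly delivered release.

Added example, not from the original article. Both SBOMs and all hash
values below are constructed placeholders.
"""

def _comp(name, version, sha256):
    return {"name": name, "version": version,
            "hashes": [{"alg": "SHA-256", "content": sha256}]}

BASELINE = {"components": [
    _comp("log4j-core", "2.17.1", "placeholder-hash-a"),
    _comp("jackson-databind", "2.15.2", "placeholder-hash-b"),
    _comp("bouncycastle", "1.76", "placeholder-hash-c"),
]}

RELEASE = {"components": [
    _comp("log4j-core", "2.17.1", "placeholder-hash-a"),      # unchanged
    _comp("jackson-databind", "2.15.2", "placeholder-hash-d"), # same version, new bytes
    _comp("bouncycastle", "1.77", "placeholder-hash-e"),       # ordinary version bump
    _comp("remote-helper", "0.1", "placeholder-hash-f"),       # absent from baseline
]}

def _index(sbom):
    """Map component name -> (version, sha256) for comparison."""
    out = {}
    for c in sbom.get("components", []):
        sha = next((h["content"] for h in c.get("hashes", []) if h["alg"] == "SHA-256"), None)
        out[c["name"]] = (c.get("version"), sha)
    return out

def diff_sbom(baseline, release):
    """Return sorted (kind, component) findings.

    Kinds: 'added', 'removed', 'version_changed' and
    'hash_changed_same_version'. The last is the one to escalate: the
    artifact was rebuilt while still claiming to be the baseline version,
    which is what a tampered build pipeline would produce.
    """
    old, new = _index(baseline), _index(release)
    findings = [("added", n) for n in new.keys() - old.keys()]
    findings += [("removed", n) for n in old.keys() - new.keys()]
    for name in old.keys() & new.keys():
        (ov, oh), (nv, nh) = old[name], new[name]
        if ov != nv:
            findings.append(("version_changed", name))
        elif oh != nh:
            findings.append(("hash_changed_same_version", name))
    return sorted(findings)
```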

For MSPs themselves:

  • Implement zero-trust architecture within your management environment
  • Use just-in-time access for client environments rather than standing privileges
  • Monitor for credential abuse across all client-facing tools
  • Conduct regular tabletop exercises simulating a scenario where your own infrastructure is the attack vector

How Safeguard.sh Helps

Safeguard.sh provides continuous monitoring of your software supply chain that directly addresses the Medusa threat model. The platform's SBOM generation and monitoring capabilities detect unexpected changes in software components, which is critical when a vendor's build environment may be compromised. Safeguard's vulnerability tracking ensures that the known CVEs exploited by Medusa affiliates for initial access are identified and prioritized in your environment. The platform's integration with CI/CD pipelines means that any tampering with build artifacts triggers alerts before compromised software reaches production. For organizations managing MSP relationships, Safeguard's third-party risk assessment module provides visibility into the security posture of your service providers, helping you identify the weak links that Medusa affiliates actively hunt for.
