Medusa Banking Trojan Returns with New Features, Targets Global Finance

Medusa's comeback brings enhanced features and smarter distribution. Cybersecurity professionals must stay vigilant against this evolving threat.


The Medusa (TangleBot) banking Trojan has re-emerged after nearly a year of evading detection, now equipped with new features and a more sophisticated distribution strategy. The malware, which targets financial institutions worldwide, has been identified by Cleafy researchers as operating through five distinct botnets, each focusing on different geographical areas.

The latest Medusa variant boasts new features like full-screen overlay displays and remote uninstallation of applications. It employs 'droppers' to spread malware via fake update procedures, marking a shift in its distribution tactics. The malware communicates with attackers' infrastructure through a secure socket connection, dynamically fetching the command-and-control (C2) server URL from social media profiles such as Telegram and X (formerly Twitter).

Medusa's RAT capabilities enable threat actors to execute on-device fraud, account takeover, and automatic transfer system fraud. The current version of the malware minimizes required permissions and evades detection, allowing it to operate undetected for longer periods. Cleafy researchers have identified a highly structured ransomware group behind the operation, employing multi-stage attack tactics. However, the specific organization or person responsible remains unnamed publicly.

The resurgence of Medusa with enhanced features and distribution strategies underscores the evolving threat landscape in cybersecurity. As threat actors adapt their tactics, cybersecurity professionals and financial institutions must likewise remain vigilant and proactive in protecting against such sophisticated malware.
