Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
Malware and Vulnerabilities
March 28, 2025
The Hacker News
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of EDRKillShifter to disable endpoint security software, according to ESET.
Read More
Ransomhub
EDRKillShifter
Medusa Ransomware
BianLian ransomware
PLAY ransomware
Publisher
Previous
Critical Severity Vulnerabilities in Ghostscript Put U ...
Malware and Vulnerabilities
Next
150,000 Sites Compromised by JavaScript Injection Promo ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/a950_shutterstock_1166941312.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/65c8_shutterstock_1191657421.jpg)
