Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
TM RedHotCyber 320x100 042514
TM RedHotCyber 970x120 042543
Russian Interior Ministry officials arrested the creators of the Medusa malware

Russian Interior Ministry officials arrested the creators of the Medusa malware

Redazione RHC : 31 October 2025 07:21

The Russian programming team behind the Medusa malware has been arrested by officials from the Russian Interior Ministry, with the support of police in the Astrakhan region.

According to investigators, three young IT specialists were involved in the development, distribution, and implementation of viruses designed to steal digital data and breach security systems. Irina Volk reported this on the Telegram channel , attaching a video of the arrests.

Investigators have determined that the group’s activities began approximately two years ago. At the time, the suspects had created and published on hacker forums a program called Medusa, capable of stealing user accounts, cryptocurrency wallets, and other confidential information. The virus spread rapidly through closed communities, where it was used to attack private and corporate networks.

One of the recorded incidents was a cyberattack in May 2025 on a government agency in the Astrakhan region. Using proprietary software, attackers gained unauthorized access to official data and transferred it to servers under their control. A criminal case has been initiated under Part 2 of Article 273 of the Russian Criminal Code, which provides for liability for the creation and distribution of malware.

Investigators from the Russian Ministry of Internal Affairs’ Cybercrime Department, with the support of the Russian National Guard, arrested the suspects in the Moscow region. During the searches, computers, mobile devices, credit cards, and other items were seized, confirming their involvement in cybersecurity crimes.

The investigation revealed that Medusa’s developers had also created another malicious tool. This software was designed to bypass antivirus solutions, disable defense mechanisms, and create botnets— networks of infected computers used to launch large-scale cyber attacks.

All three suspects have been placed in pre-trial detention. Investigations are continuing to identify possible accomplices and further cases of illegal activity.

Immagine del sitoRedazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli