North Korean Lazarus Group Targets US Healthcare with Medusa Ransomware

North Korean Lazarus Group Targets US Healthcare with Medusa Ransomware

First seen 24 Feb 2026, 12:10 UTC BleepingcomputerTherecord.MediaThehackernewsSecurityBroadcom+15 87% similarity 48.7

Article Content

Browse articles
ThreatCluster

Cybersecurity researchers have identified attacks utilizing Medusa ransomware, attributed to the Lazarus group, a North Korean state-backed hacking operation. These attacks are primarily targeting U.S. healthcare organizations, with the ransomware-as-a-service operation impacting over 300 organizations since its emergence in January 2021, and claiming at least 80 additional victims by February 2025.

ThreatCluster AI

Timeline

2021-01-01
Medusa ransomware-as-a-service operation emerged
2025-02-01
Medusa ransomware impacted over 300 organizations
2025-02-01
Lazarus group claimed at least 80 additional victims
2026-02-24
Current attacks on US healthcare organizations reported

Community

Browse all →