Tech »  Topic »  North Korean Hackers Continue to Target US Healthcare

North Korean Hackers Continue to Target US Healthcare

2 weeks, 2 days ago   bankinfosecurity

Report: Lazarus Group Pivoting to Medusa Ransomware for Extortion Attacks Marianne Kolbasuk McGee (HealthInfoSec) • February 24, 2026

The North Korean Lazarus Group have pivoted to using Medusa ransomware in attacks against U.S. healthcare sector entities, said a new report from Symantec and Carbon Black's Threat Hunter Team. (Image: Shutterstock)

North Korean-state backed Lazarus Group hackers are continuing to target U.S. healthcare sector organizations, and they're now pivoting to Medusa ransomware. The extortion attacks are still coming despite an U.S. indictment in 2024 of Rim Jong Hyok, an alleged member of the Lazarus subgroup Stonefly, according to a new threat hunter intelligence report from Symantec and Carbon Black.

See Also: How 72% of Enterprises Are Rewriting Cyber Resilience Playbooks

As of Monday, ransomware monitoring website Ransomware.live counted 518 Medusa victims - including at least 43 healthcare victims - since the ransomware-as-a-service group first surfaced in 2023. Medusa ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE

More related news