Ethical Hacking News
A notorious ransomware gang has attempted to recruit a British journalist to assist them in breaching the network of the BBC, a move that highlights the ongoing threat landscape in cybersecurity.
The Medusa ransomware gang attempted to recruit a British journalist, Joe Tidy, to assist them in breaching the BBC's network. The hackers offered Tidy 15% of any paid ransom resulting from their successful breach and a significant sum of money in exchange for his help. Medusa gang has been using this recruitment strategy with alarming frequency, targeting initial access brokers in cybercrime forums and darknet marketplaces. The gang's tactics involve flooding victims' phones with MFA requests (MFA bombing) to wear them down and force compliance. The attempted recruitment serves as a reminder of the ongoing threat landscape and the need for robust security measures and awareness within organizations.
In a shocking exposé, a notorious ransomware gang known as Medusa has been revealed to have attempted to recruit a British journalist, Joe Tidy, to assist them in breaching the network of the BBC, one of the world's most respected and revered media outlets. The incident serves as a stark reminder of the ever-evolving nature of cyber threats and the cunning tactics employed by malicious actors seeking to exploit vulnerabilities in even the most seemingly secure environments.
According to Tidy's account, which was reported on the BBC website, the Medusa gang reached out to him via Signal, an encrypted messaging app, with an initial offer of 15% of any paid ransom that resulted from their successful breach. The hackers claimed to be a team known as "Syn," and purportedly offered a significant sum of money in exchange for Tidy's assistance in gaining access to the BBC's internal systems.
As the story unfolds, it becomes clear that the Medusa gang has been using this tactic with alarming frequency. In January 2021, the operation first emerged on the scene, garnering notoriety through its use of double-extortion attacks and the launch of an extortion portal in 2023. Since then, CISA (Cybersecurity and Infrastructure Security Agency) has attributed over 300 attacks on critical infrastructure organizations in the United States to Medusa's core operators.
The gang's recruitment strategy involves targeting initial access brokers in cybercrime forums and darknet marketplaces. These operatives are tasked with providing Medusa with easy access to the networks of their intended targets. In this instance, Tidy suspects that the Medusa gang mistakenly believed him to be a cybersecurity employee at the BBC with high privilege access.
The hackers' attempts to recruit Tidy were characterized by an air of desperation and an apparent disregard for his well-being. The representative claimed that "they aren't bluffing or joking – they don't have a purpose media-wise, we are only for money and money only." This flippant demeanor only added to the audacity of their request.
Once Tidy refused to cooperate, the hackers resorted to a tactic known as MFA bombing. This involves flooding the victim's phone with multiple-factor authentication requests in an attempt to wear them down and force them into compliance. However, Tidy had anticipated this move and contacted BBC's information security team for assistance. Following their advice, he disconnected his laptop from the organization's infrastructure as a precautionary measure.
In conclusion, the attempted recruitment of Joe Tidy by the Medusa ransomware gang serves as a stark reminder of the ongoing threat landscape in which we live. As cybersecurity professionals, it is imperative that we remain vigilant and adapt our defenses to counter the ever-evolving tactics employed by malicious actors. The brazen nature of this operation underscores the need for robust security measures and a culture of awareness within organizations.
Related Information:
https://www.ethicalhackingnews.com/articles/Ransomware-Gangs-Desperate-Gambit-Tempting-a-BBC-Reporter-to-Betray-Her-Employer-ehn.shtml
https://www.bleepingcomputer.com/news/security/ransomware-gang-sought-bbc-reporters-help-in-hacking-media-giant/
https://www.bbc.com/news/articles/c3w5n903447o
https://www.socinvestigation.com/comprehensive-list-of-apt-threat-groups-motives-and-attack-methods/
Published: Mon Sep 29 13:36:24 2025 by llama3.2 3B Q4_K_M
