Cybercriminals Launch Lightning-Fast Ransomware Attacks in 24 Hours

Storm-1175 accelerates Medusa ransomware attacks, exploiting vulnerabilities in critical sectors worldwide. Microsoft urges urgent patching.

By Content Team

Apr 8, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Storm-1175, a financially motivated cybercrime group, is conducting "high velocity" Medusa ransomware campaigns that move from initial breach to data theft in as little as 24 hours. Microsoft reports the group exploits vulnerabilities in the critical window between disclosure and widespread patching, recently targeting healthcare, education, and finance organizations across Australia, the UK, and US.

The attackers have weaponized over a dozen known vulnerabilities, including recent flaws in BeyondTrust and CrushFTP software. They've also exploited zero-day vulnerabilities in SmarterMail and GoAnywhere before public disclosure. Storm-1175 disables Microsoft Defender Antivirus by tampering with Windows registry settings, allowing their ransomware to execute undetected. Microsoft urges immediate patching and enabling tamper protection features.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Selling $220,000 Windows Zero-Day Exploit on Dark Web

Mar 9, 2026

Python Repositories Hit by Sophisticated Malware Campaign Using Stolen VS Code Credentials

Mar 17, 2026

Major Security Breach Exposes 1.5 Million Users on AI Social Network Moltbook

Feb 1, 2026

eScan Antivirus Hit by Supply Chain Attack, Delivers Malware to Users

Jan 31, 2026