MedusaLocker Distributes GlobeImposter Ransomware via RDP

ASEC researchers have reported the active distribution of the GlobeImposter ransomware by the threat actors behind MedusaLocker that used remote desktop protocols as an attack vector. Besides other malware, hackers also deployed an XMRig CoinMiner to compromised systems. Security experts suggest users should ensure that RDP is deactivated when not in use.