{"id":3865,"date":"2025-03-27T15:12:22","date_gmt":"2025-03-27T15:12:22","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/03\/27\/hackers-repurpose-ransomhubs-edrkillshifter-in-medusa-bianlian-and-play-attacks\/"},"modified":"2025-03-27T15:12:22","modified_gmt":"2025-03-27T15:12:22","slug":"hackers-repurpose-ransomhubs-edrkillshifter-in-medusa-bianlian-and-play-attacks","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/03\/27\/hackers-repurpose-ransomhubs-edrkillshifter-in-medusa-bianlian-and-play-attacks\/","title":{"rendered":"Hackers Repurpose RansomHub&#8217;s EDRKillShifter in Medusa, BianLian, and Play Attacks"},"content":{"rendered":"<p>\u200bA new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play.<br \/>\nThe connection stems from the use of a custom tool that&#8217;s designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in\u00a0A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play.<br \/>\nThe connection stems from the use of a custom tool that&#8217;s designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bA new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that&#8217;s designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/03\/27\/hackers-repurpose-ransomhubs-edrkillshifter-in-medusa-bianlian-and-play-attacks\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Hackers Repurpose RansomHub&#8217;s EDRKillShifter in Medusa, BianLian, and Play Attacks<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":3866,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/3865"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=3865"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/3865\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/3866"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=3865"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=3865"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=3865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}