North Korea Possesses New Weapon to Attack America Ruthlessly

Jakarta, CNBC Indonesia - A report from Symantec and Carbon Black states that the North Korean hacking group, Lazarus, is using the Medusa ransomware to carry out several attacks. One of the targets is a healthcare organisation in the United States.

According to the report, the attempt to hack the US healthcare institution failed. Meanwhile, another target was an organisation from the Middle East. The hacking caused the affected institution to be infected with the Medusa strain.

Four out of the 30 organisations affected in the Medusa data since November 2025 are US healthcare and non-profit organisations. Some of these are mental health non-profit organisations and facilities for children with autism.

However, the report states that it is not yet known whether all the victims were targeted by Lazarus or are related to other Medusa affiliates, as quoted by The Register, Wednesday (25/2/2026).

In fact, Medusa is not a tool used exclusively by Lazarus. However, it is operated by the Spearwing group and has been available since 2023.

Since operating for three years, at least 366 attacks have been launched. The victims come from several important sectors, such as medical, education, legal, insurance, technology and manufacturing.

The report believes that the attacks with Medusa were carried out by Lazarus. However, the researchers cannot confirm which subgroup is responsible.

Meanwhile, the report also reveals a list of indicators related to Medusa, the Comebacker backdoor and loader associated with Lazarus, the Blindingcan remote access trojan also associated with Lazarus, and suspicious malware and files.

For information, the Lazarus group is continuously said to be sponsored by North Korea. They carry out several offensive cyber operations such as cryptocurrency theft, extortion attacks, and fraud on IT workers.

Lazarus is also responsible for the hacking of Sony Pictures in 2014 and the WannaCry ransomware in 2017.

(fab/fab)