Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money.
Cybersecurity correspondent Joe Tidy revealed in a story on the BBC that the hackers wanted to use his laptop to breach the British public-service broadcaster's network and then ask for a ransom.
Once they got access to the BBC's internal systems, the threat actor planned to steal valuable data and hold the organization to ransom. At least 15% of the paid ransom would go to Tidy for providing initial access.
Tidy says he was contacted in July over Signal by a cybercriminal named "Syndicate" ("Syn"), who initially offered him 15% of the paid ransom if he provided Medusa access to BBC systems.
Syn later tried to sweeten the offer with an additional 10%, saying that "their team could demand a ransom in the tens of millions if they successfully infiltrated the corporation."
In continued attempts to lure Tidy to their side, Syn said "that their team could demand a ransom in the tens of millions if they successfully infiltrated the corporation," which could mean that the journalist could never work again, living off the ransom cut.
From Tidy's exchange with the threat actor
Source: BBC
Medusa ransomware is an operation that emerged in January 2021 and gained a reputation with double-extortion attacks and the launch of an extortion portal in 2023.
In March, CISA published a report on Medusa, attributing to the gang more than 300 attacks on critical infrastructure organizations in the United States.
... continue reading