MEDUSA

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[MEDUSA](https://attack.mitre.org/software/S1220) is an open-source rootkit that is capable of dynamic linker hijacking, command execution, and logging credentials.(Citation: Google Cloud Mandiant UNC3886 2024)

Associated Techniques (4)

ID	ATT&CK	Tactics
T1014	Rootkit	-
T1027.013	Encrypted/Encoded File	-
T1563.001	SSH Hijacking	-
T1574.006	Dynamic Linker Hijacking	-

Used by Actors (1)

UNC3886
Unknown

Metadata

ID:	39
Created:	13/01/2026 17:48
Updated:	21/04/2026 16:00