MedusaHTTP is a vicious threat that can have many variants as the malware is available for purchase on the dark web. It is offered as a botnet, a malicious application that uses infected machines for taking down targeted systems, services, etc. It is usually difficult to notice such threats as they work silently. Not to mention, the symptoms of the infection can be attributed to other problems. Further in this report, you can learn more about how the malware works as well as how it could be distributed and what effect it could have on your system. Naturally, like with any other malicious application, we recommend erasing MedusaHTTP immediately. Since removing it manually could be difficult, we believe it might be safer to leave this task to a reliable security tool. Nonetheless, if you still wish to try to delete it manually, you could use our instructions provided at the end of this text. Just keep in mind that we cannot promise they will work on the version of this botnet that you might have.
First, we wish to discuss the possible distribution channels that hackers who purchase MedusaHTTP might employ to spread it. Our specialists say that according to most reports, the malware is being spread through suspicious advertisements placed on unreliable websites. No matter how tempting an offer could be, you should always stay away from questionable pop-ups, sponsored ads, banners, and similar content. The safest option is to interact only with the ads you know to be reliable. If you have even the slightest suspicion, you should stay away from such content.
Another thing that you should do if you do not wish to receive MedusaHTTP is to update your Adobe Flash Player immediately. Reports also say that the infection finds a way into a system by exploiting a vulnerability called CVE-2018-4878, which is found in older versions of Adobe Flash Player. If you want to take extra precautions, you could install a reliable antimalware tool and take care of other weaknesses your computer could have, e.g., weak passwords, unsecured RDP connections, and so on.
Researchers say that MedusaHTTP might be used to take down systems that the hackers behind the malware may target. These could be various organizations or businesses that the cybercriminals seek to damage, whose work they want to disrupt, etc. To achieve such goals, hackers only need to send a command to the botnet that would make it perform a so-called Distributed Denial of Service, or DDoS, attack on the targeted systems. To do this, the threat might employ all of its infected devices, also called bots. The malware can connect to the Internet without permission and start again automatically upon each system restart, so once installed, it is always prepared to carry out requested tasks unless the infected machine is disconnected from the Internet.
Using infected devices to complete hackers' goals may require some or a lot of such machines' resources. As a result, some computers could become slower, and programs on them could fail to load or crash. Also, victims might see changes in their Internet speed as it could slow down visibly. As we said earlier, such symptoms could be attributed to other problems, which might make it challenging to detect MedusaHTTP.
To remove it manually, you would have to delete the files created by the malicious application, which could be difficult. The instructions located below describe how to look for such data and how to remove it, but we cannot promise they will work. That is because the botnet could have many variants that could work slightly differently. Consequently, deleting MedusaHTTP with a reliable antimalware tool is probably the safest bet.