What is MedusaHTTP?

Do you want your operating system exploited in the attacks performed by cybercriminals? Of course, you do not, and that is why MedusaHTTP is the threat that you need to be very aware of. According to our malware experts at, if this infection is able to invade your operating system, that could give remote attackers greater powers to perform attacks against companies, governments, and other big targets. Surely, you do not want to be involved. Unfortunately, once this malware adds your system to the botnet – a large system of Internet-connected devices – you might be unaware of it. This is why it is important to have your system protected and updated, and why routine system scans must be performed. So, have you identified this threat already? If you have, your goal is to delete MedusaHTTP as soon as possible. Please continue reading this report to learn how to perform removal, as well as how to secure your operating system against this malware in the future.

How does MedusaHTTP work?

Do you know how malware spreads? There are all kinds of methods that attackers can use, but when it comes to MedusaHTTP, it appears that a vulnerability in Flash Player (CVE-2018-4878) is exploited. An exploit tool called RIG EK uses this vulnerability to display ads, and clicking on them can execute the infection. It is most likely that you would find it in the %APPDATA% directory as “Asus Gaming.exe.” Of course, we cannot guarantee that the name of this file would not change. In fact, we can bet that it would. Once the file is executed, attackers acting remotely can tell MedusaHTTP to perform very specific commands. Since this threat is identified as a DDoS botnet, distributed denial-of-service attacks are most likely to be performed using it. What does that entail? Attackers behind DDoS attackers are generally interested in messing with the traffic of large networks and servers. The goal is to use all infected devices to intercept normal traffic of the targeted systems with all-encompassing traffic. This can cause major security issues, help malware invade without immediate detection, create an expansive financial burden, implicate outside parties who rely on the affected systems, and create chaos in general.

As you know, most problems cannot be resolved unless the roots of those problems are identified and removed. Unfortunately, it is unlikely that the roots of MedusaHTTP will be removed any time soon. The creator of this botnet has been selling it on underground markets for years now, and it all started with MedusaIRC in 2015. The HTTP version emerged in 2017. That, however, does not mean that Windows users are helpless against this infection. When vulnerabilities are involved, simple patches can do a great job. The CVE-2018-4878 vulnerability exists in Adobe Flash Player (version and earlier), but it has been patched already. Obviously, if you skip updates, vulnerabilities can remain open to exploitation forever, which is why you should be more cautious. ALWAYS install all updates that come in because that is one of the most important measures of ensuring full protection.

How to delete MedusaHTTP

Unfortunately, even if you install all updates, ignore all ads, and get in the habit of scanning your operating system frequently, you might not be completely guarded against malware. Caution is important, and you need to be on top of updates and avoid suspicious ads, links, emails, message, or downloads, but you also need good protection. A reliable anti-malware program can take care of that. It also can automatically remove MedusaHTTP along with other threats that might have invaded your operating system without your notice. Obviously, you can try to delete the infection manually, and we have created a manual removal guide for that purpose, but full protection is not something that is easily achieved manually. So, what are you going to do? Will you start taking security and software updates more seriously? Will you be more cautious? If there is anything you want to discuss further, post a comment below.

Removal Instructions

  1. Launch Explorer by tapping Win+E keys.
  2. Enter %APPDATA% into the bar at the top to access the directory.
  3. Look for unfamiliar .exe files that could be malware.
  4. If you can identify malicious files, right-click and Delete them right away.
  5. Empty Recycle Bin and then immediately install a genuine malware scanner.
  6. Perform a full system scan, and if threats are detected, erase them immediately. 100% FREE spyware scan and
    tested removal of MedusaHTTP*

Leave a Comment

Enter the numbers in the box to the right *