Fbi Warns Of Time-traveling Hackers

Cybercriminals ever find caller ways to scam you, whether it’s mimicking a authorities agency, creating a clone website aliases delivering malware disguised arsenic a package update. Just erstwhile you deliberation you’ve seen it all, they travel up pinch a caller trick.

This time, nan FBI has issued an alert: Hackers are utilizing a "time-traveling" method to bypass your device’s information measures. No, we’re not talking astir existent clip recreation (though wouldn’t that beryllium something?). This is simply a blase cyberattack wherever hackers manipulate a system's soul timepiece to sneak past information defenses.

Join The FREE "CyberGuy Report": Get my master tech tips, captious information alerts and exclusive deals, positive instant entree to my free "Ultimate Scam Survival Guide" when you motion up.

A man moving connected his laptops (Kurt "CyberGuy" Knutsson)

What you request to know

The conception of "time-traveling hackers" refers not to literal clip recreation but to a blase cyberattack method wherever hackers manipulate a system's soul timepiece to bypass information measures. This onslaught is reportedly tied to nan Medusa ransomware gang.

In this type of attack, hackers utilization expired information certificates by altering nan strategy day connected a targeted instrumentality to a clip erstwhile those certificates were still valid. For example, a information certificate that expired in, say, 2020 could beryllium made usable again if nan system's timepiece is group backmost to 2019. This allows malicious package signed pinch these outdated certificates to beryllium recognized arsenic morganatic by nan system, efficaciously "traveling backmost successful time" from a information perspective. 

This method was notably utilized successful nan Medusa ransomware attacks, which targeted captious infrastructure and prompted an FBI cybersecurity advisory (AA25-071A) earlier successful 2025. The run has affected complete 300 captious infrastructure targets. The attackers mixed this method pinch societal engineering and exploited unpatched vulnerabilities, amplifying nan threat. 

The FBI has warned that specified attacks airs a important risk, arsenic they tin disable modern information protections for illustration Windows Defender by tricking nan strategy into accepting outdated drivers aliases software.

A female moving connected her laptop and scrolling connected her phone (Kurt "CyberGuy" Knutsson)

DOUBLECLICKJACKING HACK TURNS DOUBLE-CLICKS INTO ACCOUNT TAKEOVERS

What does nan FBI recommend?

Traditional hunt and rescue tools, for illustration rigid robots and specialized cameras, often struggle successful disaster zones. Cameras travel only consecutive paths, forcing teams to trim done debris conscionable to spot further in. Rigid robots are susceptible successful tight, unstable spaces and costly to repair erstwhile damaged. And manual probing is slow, exhausting and risks responder safety.

A man moving connected his laptop (Kurt "CyberGuy" Knutsson)

RELENTLESS HACKERS ABANDON WINDOWS TO TARGET YOUR APPLE ID

5 ways to enactment safe from Medusa malware

1) Use beardown antivirus software: A beardown antivirus isn’t conscionable for catching old-school viruses anymore. It tin observe phishing links, artifact malicious downloads and extremity ransomware earlier it gets a foothold. Since nan Medusa pack uses clone updates and societal engineering to instrumentality users, having beardown antivirus package adds a captious furniture of protection against threats you mightiness not spot coming. Get my picks of nan champion 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2) Enable two-factor authentication (2FA): The FBI specifically recommends enabling 2FA crossed each services, particularly for high-value targets for illustration webmail accounts, VPNs and distant entree tools. 2FA makes it importantly harder for attackers to break in, moreover if they’ve managed to bargain your username and password done phishing aliases different tactics.

3) Use strong, unsocial passwords: Many ransomware groups, including Medusa, trust connected reused aliases anemic passwords to summation access. Using a beardown password (think long, random and unsocial to each account) greatly reduces that risk. A password head tin thief you make and shop analyzable passwords truthful you don’t person to retrieve them each yourself. Get much specifications astir my best expert-reviewed password managers of 2025 here.

4) Monitor for suspicious strategy clip changes: The halfway of this "time-traveling" onslaught is timepiece manipulation: Hackers rotation backmost a device’s timepiece to a clip erstwhile expired information certificates were still valid. This allows outdated and perchance malicious package to look trustworthy. Be alert to unexpected strategy clip changes, and if you're managing an organization, usage devices that emblem and log these types of configuration shifts.

5) Keep systems updated and spot known vulnerabilities: The Medusa ransomware run has a way grounds of exploiting unpatched systems. That intends aged software, outdated drivers and ignored information updates tin each go introduction points. Regularly installing updates for your OS, applications and drivers is 1 of nan astir effective ways to enactment protected. Don't put disconnected those strategy notifications; they beryllium for a reason.

CLICKFIX MALWARE TRICKS YOU INTO INFECTING YOUR OWN WINDOWS PC

Kurt’s cardinal takeaway

The Medusa onslaught is simply a bully illustration of really cybercriminals are shifting tactics. Instead of relying connected accepted methods for illustration brute unit aliases evident exploits, they are targeting nan basal logic that systems dangle connected to function. In this case, it is thing arsenic elemental arsenic nan strategy clock. This benignant of strategy challenges nan measurement we deliberation astir security. It is not conscionable astir building stronger defenses but besides astir questioning nan default assumptions built into nan exertion we usage each day.

How do you deliberation exertion companies tin amended support individual users successful protecting their information and devices? Let america cognize by penning america at Cyberguy.com/Contact.

For much of my tech tips and information alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a mobility aliases fto america cognize what stories you'd for illustration america to cover.

Follow Kurt connected his societal channels:

• Facebook
• YouTube
• Instagram

Answers to nan most-asked CyberGuy questions:

• What is nan champion measurement to protect your Mac, Windows, iPhone and Android devices from getting hacked?
• What is nan champion measurement to enactment private, unafraid and anonymous while browsing nan web?
• How tin I get free of robocalls pinch apps and information removal services?
• How do I region my backstage information from nan internet?

New from Kurt:

• Try CyberGuy's caller games (crosswords, connection searches, trivia and more!)
• CyberGuy's exclusive coupons and deals
• Best gifts for Mom 2025

Copyright 2025 CyberGuy.com. All authorities reserved.