August 11, 2025 By Pierluigi Paganini
MedusaLocker ransomware gang announced on its Tor data leak site that it is looking for new pentesters.
MedusaLocker is a ransomware strain that was first observed in late 2019, it encrypts files on infected systems and demands a ransom, usually in cryptocurrency, for their decryption.
The group operates as Ransomware-as-a-Service (RaaS), meaning affiliates can rent the ransomware in exchange for a cut of the profits.
MedusaLocker ransomware gang announced on its Tor data leak site that it is looking for new pentesters.
Why Would a Ransomware Gang Hire a Pen Tester?
It may sound strange at first, the kind of job ad you’d expect to find on LinkedIn, not on a dark web forum, but in the cybercriminal underground, recruiting skilled penetration testers is not uncommon. In fact, it’s a natural evolution of the ransomware economy. Just as legitimate companies hire security professionals to test and strengthen their defenses, ransomware operators are hiring them to probe, map, and exploit weaknesses in target networks. The difference is in the intent: one aims to protect, the other to profit through extortion.
