Cybercriminals always find new ways to scam you, whether they mimic government agencies, create fake websites, or deliver malware posing as software updates. Just when you think you’ve seen it all, they come up with a new trick.
This time, the FBI has issued an alert: hackers are using “time travel” techniques to bypass security measures on devices. No, we’re not talking about actual time travel (wouldn’t that be something?). This is a sophisticated cyberattack in which hackers manipulate a system’s internal clock to sneak past security defenses.
What you need to know
The concept of “time travel hackers” refers not to literal time travel, but to a sophisticated cyberattack technique in which hackers manipulate the internal clock of a system to bypass security measures. The attack is reportedly linked to the Medusa ransomware gang.
In this type of attack, hackers exploit expired security certificates by changing the system date of the target device to a time when those certificates were still valid. For example, a security certificate that expired in 2020 can be made usable again if the system clock is set back to 2019. This allows malicious software signed with these old certificates to be recognized as legitimate by the system, effectively “going back in time” from a security standpoint.
This technique was used in Medusa ransomware attacks that targeted critical infrastructure and prompted an FBI cybersecurity advisory (AA25-071A) in 2025. The attackers combined this method with social engineering to amplify the threat.
The FBI warns that such attacks pose serious risks as they can disable modern security protections such as Windows Defender by tricking the system into accepting outdated drivers and software.


What does the FBI recommend?
The FBI is urging organizations to act quickly, warning that this technique can slip past traditional defenses by exploiting the way systems trust old certificate data.
To stay protected, the recommendation is to turn on two-factor authentication (2FA) everywhere, especially for important things like webmail and VPNs. It also helps to set up strong endpoint protection and clear security policies, and to watch for strange changes to system settings, such as a device clock suddenly going back in time.


5 Ways to Stay Safe from Medusa Malware
1) Use strong antivirus software: Strong antivirus protection does more than catch old-school viruses. It can detect phishing links, block malicious downloads, and stop ransomware before it gets a foothold. The Medusa gang uses fake updates and social engineering to trick users, so having strong antivirus software adds a critical layer of protection against threats you might not see coming. Get my picks for the best 2025 antivirus protection for your Windows, Mac, Android and iOS devices.
2) Enable two-factor authentication (2FA): The FBI recommends enabling 2FA on all services, especially for high-value targets such as webmail accounts, VPNs, and remote access tools. 2FA makes it extremely difficult for attackers to break in, even if they manage to steal usernames and passwords through phishing or other tactics.
3) Use strong and unique passwords: Many ransomware groups, including Medusa, rely on reused or weak passwords to gain access. Using a strong password (think long, random, and unique for each account) significantly reduces that risk. Password managers help you generate and store complex passwords, so you don’t have to remember them all yourself. For more information about my best expert-reviewed password managers of 2025, click here.
4) Monitor for suspicious system time changes: The core of this “time travel” attack is clock manipulation, which allows outdated and potentially malicious software to appear trustworthy. Be alert to unexpected system time changes. If you are managing systems for an organization, use tools that flag and log these types of configuration shifts.
5) Keep systems updated and patch known vulnerabilities: Medusa ransomware campaigns have a proven track record of exploiting unpatched systems. This means that outdated software, outdated drivers, and ignored security updates can all become entry points. Regularly installing OS, application and driver updates is one of the most effective ways to stay protected. Do not postpone these system notifications. They exist for a reason.
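One way to implement the monitoring in tip 4 is to review Windows Security event 4616 (“The system time was changed”) and flag large backward jumps. The script below is an added example, not code from the FBI advisory or from this article; the sample records are constructed, and the one-hour threshold and the function names are assumptions to tune for your environment.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
_EVENT = ("<Event xmlns='http://schemas.microsoft.com/win/2004/08/events/event'>"
          "<System><EventID>4616</EventID><Computer>{host}</Computer></System>"
          "<EventData><Data Name='SubjectUserName'>{user}</Data>"
          "<Data Name='PreviousTime'>{old}</Data><Data Name='NewTime'>{new}</Data>"
          "<Data Name='ProcessName'>{proc}</Data></EventData></Event>")

# Constructed sample records: hosts, accounts, paths and times are made up.
SAMPLE_EVENTS = "<Events>" + "".join(_EVENT.format(**r) for r in [
    # Routine time-service correction: clock nudged back by under a second.
    dict(host="WS-014", user="LOCAL SERVICE", proc=r"C:\Windows\System32\svchost.exe",
         old="2025-03-14T09:15:02.5000000Z", new="2025-03-14T09:15:02.1000000Z"),
    # Clock moved forward: not a rollback.
    dict(host="WS-014", user="LOCAL SERVICE", proc=r"C:\Windows\System32\svchost.exe",
         old="2025-03-14T10:00:00.0000000Z", new="2025-03-14T10:00:04.0000000Z"),
    # Clock pushed back by years from a non-system process.
    dict(host="SRV-DB02", user="svc_backup", proc=r"C:\Users\Public\example.exe",
         old="2025-03-14T11:42:10.0000000Z", new="2019-06-01T00:00:00.0000000Z"),
]) + "</Events>"

def _parse_time(text):
    # Windows records 100 ns precision; whole seconds are enough for this check.
    return datetime.strptime(text[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def find_clock_rollbacks(xml_text, threshold=timedelta(hours=1)):
    """Return 4616 events whose new time is earlier than the old one by >= threshold."""
    findings = []
    for event in ET.fromstring(xml_text).findall("e:Event", NS):
        if event.findtext("e:System/e:EventID", namespaces=NS) != "4616":
            continue
        data = {d.get("Name"): d.text or "" for d in event.findall("e:EventData/e:Data", NS)}
        old, new = _parse_time(data["PreviousTime"]), _parse_time(data["NewTime"])
        if old - new >= threshold:
            findings.append({
                "host": event.findtext("e:System/e:Computer", namespaces=NS),
                "user": data.get("SubjectUserName", ""),
                "process": data.get("ProcessName", ""),
                "previous": old.isoformat(), "new": new.isoformat(),
                "rolled_back_days": (old - new).days,
            })
    return findings

if __name__ == "__main__":
    for finding in find_clock_rollbacks(SAMPLE_EVENTS):
        print(finding)
```

Small backward corrections from time synchronization are normal, which is why the check ignores anything under the threshold and reports the account and process behind each larger jump.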
Kurt’s key takeaways
The Medusa attack is a great example of how cybercriminals change their tactics. Instead of relying on traditional methods such as brute force or obvious exploits, it targets the basic logic that systems rely on to function. In this case, it’s something as simple as the system clock. This type of strategy challenges the way you think about security. It’s not only about building stronger defenses, but also about questioning the default assumptions built into the technology you use every day.
Do you think technology companies can better support individual users in securing their data and devices? Please let us know by writing to cyberguy.com/contact.
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.