Cybercriminals always find new ways to scam you, whether it’s mimicking a government agency, creating a fake website or delivering malware disguised as a software update. Just when you think you’ve seen it all, they come up with a new trick.
This time, the FBI has issued an alert: Hackers are using a “time-traveling” technique to bypass your device’s security measures. No, we’re not talking about actual time travel (though wouldn’t that be something?). This is a sophisticated cyberattack where hackers manipulate a system’s internal clock to sneak past security defenses.
Join The FREE “CyberGuy Report”: Get my expert tech tips, critical security alerts and exclusive deals, plus instant access to my free “Ultimate Scam Survival Guide” when you sign up.

A man working on his laptops (Kurt “CyberGuy” Knutsson)
What you need to know
The concept of “time-traveling hackers” refers not to literal time travel but to a sophisticated cyberattack technique where hackers manipulate a system’s internal clock to bypass security measures. This attack is reportedly tied to the Medusa ransomware gang.
In this type of attack, hackers exploit expired security certificates by altering the system date on a targeted device to a time when those certificates were still valid. For example, a security certificate that expired in, say, 2020 could be made usable again if the system’s clock is set back to 2019. This allows malicious software signed with these outdated certificates to be recognized as legitimate by the system, effectively “traveling back in time” from a security perspective.
This technique was notably used in the Medusa ransomware attacks, which targeted critical infrastructure and prompted an FBI cybersecurity advis ory 
The FBI has warned that such attacks pose a significant risk, as they can disable modern security protections like Windows Defender by tricking the system into accepting outdated drivers or software.

A woman working on her laptop and scrolling on her phone (Kurt “CyberGuy” Knutsson)
DOUBLECLICKJACKING HACK TURNS DOUBLE-CLICKS INTO ACCOUNT TAKEOVERS
What does the FBI recommend?
The FBI is urging organizations to take action quickly, warning that this technique can slip past traditional defenses by taking advantage of how systems trust old certificate data.
To stay protected, they recommend turning on two-factor authentication (2FA) everywhere, especially for important stuff like webmail and VPNs. It also helps to have strong endpoint protection and clear security policies and to keep an eye out for any weird changes to system settings, like the device clock suddenly jumping back in time.

A man working on his laptop (Kurt “CyberGuy” Knutsson)
RELENTLESS HACKERS ABANDON WINDOWS TO TARGET YOUR APPLE ID
5 ways to stay safe from Medusa malware
1) Use strong antivirus software: A strong antivirus isn’t just for catching old-school viruses anymore. It can detect phishing links, block malicious downloads and stop ransomware before it gets a foothold. Since the Medusa gang uses fake updates and social engineering to trick users, having strong antivirus software adds a critical layer of protection against threats you might not see coming. Get my picks of the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2) Enable two-factor authentication (2FA): The FBI specifically recommends enabling 2FA across all services, especially for high-value targets like webmail accounts, VPNs and remote access tools. 2FA makes it significantly harder for attackers to break in, even if they’ve managed to steal your username and password through phishing or other tactics.
3) Use strong, unique passwords: Many ransomware groups, including Medusa, rely on reused or weak passwords to gain access. Using a strong password (think long, random and unique to each account) greatly reduces that risk. A password manager can help you generate and store complex passwords so you don’t have to remember them all yourself. Get more details about my best expert-reviewed password managers of 2025 here.
4) Monitor for suspicious system time changes: The core of this “time-traveling” attack is clock manipulation: Hackers roll back a device’s clock to a time when expired security certificates were still valid. This allows outdated and potentially malicious software to appear trustworthy. Be alert to unexpected system time changes, and if you’re managing an organization, use tools that flag and log these types of configuration shifts.
5) Keep systems updated and patch known vulnerabilities: The Medusa ransomware campaign has a track record of exploiting unpatched systems. That means old software, outdated drivers and ignored security updates can all become entry points. Regularly installing updates for your OS, applications and drivers is one of the most effective ways to stay protected. Don’t put off those system notifications; they exist for a reason.
CLICKFIX MALWARE TRICKS YOU INTO INFECTING YOUR OWN WINDOWS PC
Kurt’s key takeaway
The Medusa attack is a good example of how cybercriminals are shifting tactics. Instead of relying on traditional methods like brute force or obvious exploits, they are targeting the basic logic that systems depend on to function. In this case, it is something as simple as the system clock. This kind of strategy challenges the way we think about security. It is not just about building stronger defenses but also about questioning the default assumptions built into the technology we use every day.
How do you think technology companies can better support individual users in protecting their data and devices? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/NewsletterAsk Kurt a question or let us know what stories you’d like us to coverCyberGuy.com.
 
																		 
																		 
																		 
																		







