4 August 2020

Maze operators published dozens of GBs of data from LG and Xerox


The operators of the Maze ransomware have published dozens of GBs of internal data stolen from corporate networks of business giants LG and Xerox.

The Maze group is primarily known for its eponymous ransomware. The threat actors break into corporate networks, steal confidential files, and then encrypt the data, demanding a ransom for decryption. If the victim refuses to pay the ransom and decides to restore the data from backups, the criminals create an entry on their "leaks website" and threaten to publish the victim's confidential data in a second extortion attempt. The victim is then given a few weeks to think over its decision, and if it does not give in during this second extortion attempt, the Maze gang publishes the files on its portal.

The attackers reported the leaks to LG and Xerox back in late June, creating entries for each of the two companies on their portal, but the tech giants refused to comply with the criminals' demands. The hackers then released 50.2 GB of LG data and 25.8 GB of Xerox data.

As reported by ZDNet, the stolen data allegedly contains source code for the closed-source firmware of various LG products, such as phones and laptops. According to the attackers, they did not install ransomware on LG's network, but simply stole the company's corporate records.

"We decided not to execute the Maze ransomware because their clients are socially significant and we do not want to create disruption for their operations, so we only have exfiltrated the data," the Maze group told ZDNet.

The Maze operators have also stolen information related to Xerox's customer service operations.
