Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them.
The company did not disclose the cyberattack, but the Maze ransomware operators published some screenshots that show that a Xerox domain has been encrypted. One screenshot shows that hosts on “eu.xerox.net,” managed by Xerox Corporation, was hacked.
Another screenshot shows that the ransomware operators were in the Xerox network till June 25th, 2020.
Xerox Corporation is an American corporation that sells print and digital document products and services in more than 160 countries. The company declared over $1.8 billion in revenue in Q1 2020 and has 27,000 employees across the globe. It’s currently tracking at 347 of the Fortune 500 list.
On June 24, Maze ransomware operators included Xerox in the list of the victims published on their leak site.
“The Cyble Research Team has identified and analyzed the proof. It consists of multiple screenshots showing the compromised server(s) files and data encrypted by the ransomware.” reads the post published by threat intelligence firm. “One of the snapshot consists of a warning message stating Xerox to contact the operators within 3 days, otherwise, the information about the breach would be posted on Maze public news website. (which has been crossed and breach information posted above)”
Maze ransomware operators claim to have stolen more than 100GB of files from Xerox and threaten to publish them is the company will not may the ransom.
If the victims of the group will pay the ransom, the Maze gang will finally remove stolen data from its disks and still provide a decryptor to restore files.
Last week, Maze ransomware operators claimed to have breached the South Korean multinational electronics company LG Electronics.
Recently Maze Ransomware gang breached the US chipmaker MaxLinear and Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions.
Maze ransomware operators are very active in this period, recently they have stolen data from US military contractor Westech and the ST Engineering group, and they have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.
(SecurityAffairs – hacking, Maze Ransomware operators)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.