The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online.
The Maze ransomware also implements data harvesting capabilities, operators are threatening to release the data for all those victims who refuse to pay the ransom.
The operators behind the Maze ransomware have set up a website where they have published the list names of eight companies that allegedly refused to pay the ransom.
“To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of quietly acquiescing to their tormentors.” reads a post published by the popular investigator Brian Krebs.
“Less than 48 hours ago, the
The website includes data related to the infection, including the date of the attack, some stolen documents (Office, text and PDF files), the size of stolen data, and the list of IP addresses and machine names of the infected servers.
“Represented here companies
This move is shocking and brings the ransomware attack to a higher level of threat, we can expect that other cybercrime gangs will adopt a similar strategy to blackmail the victims and force them to pay the ransom.
In November 2019, a new threat actor tracked as TA2101 launched malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy.
Once the user opened the attachment and enabled the macros, the malicious code will install the Cobalt Strike pentesting tool or the Maze Ransomware on the victim’s computer.
The threat actors also targeted IT support companies to compromise their MSP and use it to deliver the Maze Ransomware to its clients.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.