The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online.
The Maze ransomware also implements data harvesting capabilities, operators are threatening to release the data for all those victims who refuse to pay the ransom.
The operators behind the Maze ransomware have set up a website where they have published the list names of eight companies that allegedly refused to pay the ransom.
The website includes data related to the infection, including the date of the attack, some stolen documents (Office, text and PDF files), the size of stolen data, and the list of IP addresses and machine names of the infected servers.
In December, Maze ransomware operators have released 2GB of files that were allegedly stolen from the City of Pensacola during the recent attack.
The Maze operators released 2GB out of 32GB of files that they claim to have stolen during the attack on the city network.
The gang has now released an additional 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer.
The attack against the company took place in December, the hackers infected 878 systems on the company network and stole 120GB of files.
The Maze gang demanded $6 million worth of bitcoins to avoid the leak of Southwire’s stolen files, but the company refused to pay the ransom.
Then Maze operators uploaded some of the company’s files to its
Southwire filed a lawsuit against Maze in Georgia courts for illegally accessing their network, stealing data, encrypting computers, and publishing the stolen data after a ransom was not paid.
The company asked the web hosting provider who was hosting the Maze site to shut down it.
The Maze operators released an additional 14.1GB of stolen files belonging to Southwire on a Russian hacking forum and announced that they plan to release 10% of the data every week unless the ransom is paid.
“But now our website is
At this point, Southwire executives need to evaluate is it is better to pay the ransom to avoid to sustain greater costs for data being exposed.
(SecurityAffairs – Maze ransomware, cybercrime)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.