IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Maze ransomware gang retires from cyber crime

The statement released by the group suggests cryptocurrency market shifts might be pricing the group out of operations

The Maze ransomware gang, behind some of the most notorious attacks of 2020, has announced that it’s shutting down its operations for good.

The notorious group, first discovered in May 2019, built a solid reputation in a short space of time to encrypt all the files it can on infected systems before demanding a ransom to return the documents. 

Maze distinguished itself from several other groups in the way it threatened to release the information over the internet should the ransom not have been paid. It’s a method that has since inspired other groups, such as Ryuk, Mount Locker and REvil, to set up their own sites and threaten public disclosure in a similar way. 

The gang would have issued a warning that they were planning to release details of a security breach, or distribute commercially valuable information, and use stolen data to attack clients and partners.

Maze has been highly active over the last year and a half, most recently using its devastating strain to cripple the systems of several large companies, including Canon in August, as well as a Xerox in July. 

The group, meanwhile, targeted the systems of several major organisations in June, including VT San Antonio Aerospace and MaxLinear, in attacks that involved hackers stealing large volumes of data. Cognizant, too, fell victim to Maze in April, in an attack which led to the loss of up to $70 million for the IT services provider. 

“The Project is closed,” the press release said, according to cyber security expert Graham Cluley. “Maze Team Project is announcing it is officially closed. All the links to out project, using of our brand, our work methods should be considered to be a scam.

Related Resource

2020 Cyber Threat Intelligence (CTI) survey

How to measure the effectiveness of your CTI programme

Download now

“We never had partners or official successors. Our specialists do not works with any other software. Nobody and never will be able to host new partners at our news website. The Maze cartel was never exists and is not existing now. It can be found only inside the heads of the journalists who wrote about it [sic].”

The group continued to warn about the way that cryptocurrency markets are changing, with the value of digital currencies rising “higher and higher”, to the extent all Bitcoin will be concentrated in the hands of a few. The suggestion is that these market shifts may affect how lucrative the Maze group’s cyber crime antics may be in the future.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022