Xerox becomes latest Maze ransomware victim

The ransomware group claims a bunch of new victims including the business printing giant

The Maze ransomware group has claimed a new set of victims, including Xerox, WorldNet Telecommunications, Columbus Metro Federal Credit Union and Webuild Spa. 

The ransomware group claims to have stolen more than 100GB of files from Xerox and will make them public if the firm doesn’t engage in negotiations for a ransom payment, Bleeping Computer reports.

“After the payment the data will be removed from our disks and decryptor will be given to you, so you can restore your files,” a ransom note sent to Xerox by the Maze operators read.

This comes just weeks after the nefarious ransomware operators leaked source code data belonging to LG Electronics. Cyble stumbled upon the data leak while monitoring the dark web, and has seen screenshots confirming that the Maze hackers were behind the attack. 

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently. While the other screenshot seems to list out the source code of its products,” said Cyble.

Cyble was also this week able to confirm a Maze-related data leak targeting the American Osteopathic Association. At the time of reporting, the ransomware operators claimed to have uploaded 5% of the total data leak.

Beyond targeting new victims, Maze has begun posting pre-leak warnings along with the occasional press release. On June 22, the ransomware operators published a press release cautioning its victims against decrypting stolen files. The operators warned victims trying to decrypt files themselves are "more close to suicide than recovery."

In another post, the group provided examples of stolen data from companies that attempted using a negotiator to restore their data but ultimately failed to do so. Those companies included ST engineering, MaxLinear, Conduent and M.J. Brunner.

The Maze group has targeted a wide range of organizations in recent weeks. Recent targets have also included high-profile organizations like VT San Antonio Aerospace and Westech International.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

16 Dec 2020
DocuShare flaws could lead to data leakage unless you install these patches
vulnerability

DocuShare flaws could lead to data leakage unless you install these patches

4 Dec 2020
Xerox officially drops hostile bid for HP amid coronavirus crisis
mergers and acquisitions

Xerox officially drops hostile bid for HP amid coronavirus crisis

1 Apr 2020
HP claims Xerox takeover would be "disastrous" during coronavirus crisis
mergers and acquisitions

HP claims Xerox takeover would be "disastrous" during coronavirus crisis

26 Mar 2020

Most Popular

150,000 arrest records accidentally deleted from police database
data management

150,000 arrest records accidentally deleted from police database

15 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021