IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Xerox becomes latest Maze ransomware victim

The ransomware group claims a bunch of new victims including the business printing giant

The Maze ransomware group has claimed a new set of victims, including Xerox, WorldNet Telecommunications, Columbus Metro Federal Credit Union and Webuild Spa. 

The ransomware group claims to have stolen more than 100GB of files from Xerox and will make them public if the firm doesn’t engage in negotiations for a ransom payment, Bleeping Computer reports.

“After the payment the data will be removed from our disks and decryptor will be given to you, so you can restore your files,” a ransom note sent to Xerox by the Maze operators read.

This comes just weeks after the nefarious ransomware operators leaked source code data belonging to LG Electronics. Cyble stumbled upon the data leak while monitoring the dark web, and has seen screenshots confirming that the Maze hackers were behind the attack. 

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently. While the other screenshot seems to list out the source code of its products,” said Cyble.

Cyble was also this week able to confirm a Maze-related data leak targeting the American Osteopathic Association. At the time of reporting, the ransomware operators claimed to have uploaded 5% of the total data leak.

Beyond targeting new victims, Maze has begun posting pre-leak warnings along with the occasional press release. On June 22, the ransomware operators published a press release cautioning its victims against decrypting stolen files. The operators warned victims trying to decrypt files themselves are "more close to suicide than recovery."

In another post, the group provided examples of stolen data from companies that attempted using a negotiator to restore their data but ultimately failed to do so. Those companies included ST engineering, MaxLinear, Conduent and M.J. Brunner.

The Maze group has targeted a wide range of organizations in recent weeks. Recent targets have also included high-profile organizations like VT San Antonio Aerospace and Westech International.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Xerox CEO John Visentin dies unexpectedly aged 59
Careers & training

Xerox CEO John Visentin dies unexpectedly aged 59

30 Jun 2022
Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022