Maze Ransomware Claims Attack on Xerox Corporation
Maze ransomware operators are busy updating their list of victims, by targeting a large number of organizations almost every day. Recently, they claimed to have added the Xerox Corporation to their victim list.
Xerox inked with data leak incident
Xerox, the US-based printing solutions provider, allegedly became a victim of a network intrusion and data breach incident.
- In June, Maze ransomware operators had targeted the Xerox Corporation and had stolen more than 100 GB of files before encrypting them.
- As a proof of hack, Maze group published a set of 10 screenshots, showing their network shares on the domain eu.xerox[.]net, a ransom note, and the directory listings from June 24, which suggested that the attackers had access to those networks till June 25, 2020.
- Maze ransomware operators had already included the name of Xerox in the list of the victims published on their leak site on June 24.
A busy threat monger
Maze ransomware operators have kept busy with targeted attacks, and promoting their data leak site as well.
- Within the last week of June, Maze operators added names of several organizations as their victims, including VT San Antonio Aerospace, a few Club Fitness franchises in Missouri, WorldNet Telecommunications, Caldwell Toyota, Ostermeier FZE, OWL Underwriting, VirtualGuard, Manson Construction Co., Innotech-Execaire, and CPFL networks.
- In the end of June, Maze operators had leaked the data of several victim organizations including LG Electronics, that refused to pay the ransom. Along with that data, Maze gang also did some promotions by posting names of other targeted victims (Xerox being one of them), without posting and other details about the attack.
Interesting trend or a coincidence
Maze operators have been targeting organizations across a wide spread of sectors and geographical regions, which seems to be an ad-hoc attack strategy. However, it has also adopted the big game hunting approach to target extract large ransoms from high-profile organizations.
- The group usually targets one high-profile or high-valued victim every week, like LG Electronics, Conduent, Pitney Bowes, Cognizant, and others.
- Several small or medium-sized firms are targeted on an almost daily basis, as per the additions made to its victim’s list.