Maze ransomware operators are busy updating their list of victims, by targeting a large number of organizations almost every day. Recently, they claimed to have added the Xerox Corporation to their victim list.

Xerox inked with data leak incident

Xerox, the US-based printing solutions provider, allegedly became a victim of a network intrusion and data breach incident.
  • In June, Maze ransomware operators had targeted the Xerox Corporation and had stolen more than 100 GB of files before encrypting them.
  • As a proof of hack, Maze group published a set of 10 screenshots, showing their network shares on the domain eu.xerox[.]net, a ransom note, and the directory listings from June 24, which suggested that the attackers had access to those networks till June 25, 2020.
  • Maze ransomware operators had already included the name of Xerox in the list of the victims published on their leak site on June 24.

A busy threat monger

Maze ransomware operators have kept busy with targeted attacks, and promoting their data leak site as well.

Interesting trend or a coincidence

Maze operators have been targeting organizations across a wide spread of sectors and geographical regions, which seems to be an ad-hoc attack strategy. However, it has also adopted the big game hunting approach to target extract large ransoms from high-profile organizations.
  • The group usually targets one high-profile or high-valued victim every week, like LG Electronics, Conduent, Pitney Bowes, Cognizant, and others.
  • Several small or medium-sized firms are targeted on an almost daily basis, as per the additions made to its victim’s list.


Cyware Publisher

Publisher

Cyware