Maze Ransomware Does It Again, This Time Targets US Aerospace Services Provider

Maze group, the threat actor infamous for targeting enterprises with Maze ransomware, seems to continue its attacking spree with full intensity. Now, it has targeted an aerospace maintenance service provider, that has several contracts with US government and airlines.

VT San Antonio Aerospace targeted

  • Recently, it was disclosed that the Maze Ransomware gang targeted the systems of US aerospace services provider VT San Antonio Aerospace in March 2020.
  • The threat actors used a compromised Administrator account, accessed via remote desktop connection, and attacked the company's domain controllers, intranet servers, and file servers on two domains.
  • The group claims to have stolen 1.5 TB of unencrypted files, and a number of files and sensitive data has been posted on their leak site already.

Maze group wreaking havoc

Maze group seems to be working on a dedicated mission of targeting enterprises across the globe. Here is a quick summary of its recent activities:

Security tips

To avoid threats like Maze, organizations must keep their operating systems and application software updated, avoid clicking on pop-up ads, opening unsolicited email attachments, and downloading cracked software from unoffocial sources.