Maze ransomware gang retires from cyber crime

Visual representation of ransomware by showing encrypted files on a display
(Image credit: Shutterstock)

The Maze ransomware gang, behind some of the most notorious attacks of 2020, has announced that it’s shutting down its operations for good.

The notorious group, first discovered in May 2019, built a solid reputation in a short space of time to encrypt all the files it can on infected systems before demanding a ransom to return the documents.

Maze distinguished itself from several other groups in the way it threatened to release the information over the internet should the ransom not have been paid. It’s a method that has since inspired other groups, such as Ryuk, Mount Locker and REvil, to set up their own sites and threaten public disclosure in a similar way.

The gang would have issued a warning that they were planning to release details of a security breach, or distribute commercially valuable information, and use stolen data to attack clients and partners.

Maze has been highly active over the last year and a half, most recently using its devastating strain to cripple the systems of several large companies, including Canon in August, as well as a Xerox in July.

The group, meanwhile, targeted the systems of several major organisations in June, including VT San Antonio Aerospace and MaxLinear, in attacks that involved hackers stealing large volumes of data. Cognizant, too, fell victim to Maze in April, in an attack which led to the loss of up to $70 million for the IT services provider.

“The Project is closed,” the press release said, according to cyber security expert Graham Cluley. “Maze Team Project is announcing it is officially closed. All the links to out project, using of our brand, our work methods should be considered to be a scam.


2020 Cyber Threat Intelligence (CTI) survey

How to measure the effectiveness of your CTI programme


“We never had partners or official successors. Our specialists do not works with any other software. Nobody and never will be able to host new partners at our news website. The Maze cartel was never exists and is not existing now. It can be found only inside the heads of the journalists who wrote about it [sic].”

The group continued to warn about the way that cryptocurrency markets are changing, with the value of digital currencies rising “higher and higher”, to the extent all Bitcoin will be concentrated in the hands of a few. The suggestion is that these market shifts may affect how lucrative the Maze group’s cyber crime antics may be in the future.

Keumars Afifi-Sabet

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.