Maze ransomware is at it again. The infamous threat has recently been observed targeting the systems of US aerospace services provider VT San Antonio Aerospace (VT SAA).
VT SAA recently disclosed that it suffered Maze ransomware attack, resulting in the exposure of sensitive company data, including contract details with various governments, government-related organizations and airlines.
In all, hackers stole 1.5 TB of data. To accomplish such a feat, hackers accessed a compromised Administrator account via a remote desktop connection and attacked the company's domain controllers, intranet servers and file servers on two domains.
General Manager of VT SAA Ed Onwe spoke with Bleeping Computer about the Maze ransomware attack, explaining VT SAA “discovered that a sophisticated group of cyber criminals, known as the Maze group, gained unauthorized access to our network and deployed a ransomware attack.”
“Upon discovering the incident, the Company took immediate action, including disconnecting certain systems from the network, retaining leading third-party forensic advisors to help investigate and notifying appropriate law enforcement authorities,” Onwe added.
The first week of June saw many disclosures from other high-profile organizations targeted by Maze ransomware too. Westech International, a US military nuclear missile contractor, recently announced being hit with a Maze ransomware attack.
After gaining unauthorized access to Westech International's internal network, hackers encrypted the company's machines and pressured the company into paying a fee by leaking confidential company documents online.
Other companies impacted by Maze ransomware attacks this month include the ST Engineering Group, Conduent, TekCollect & AmerAssist, the Smith Group, Kerr Controls, and others.
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recoveryNews Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacks
News Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
-
Ransomware gangs are sharing virtual machines to wage cyber attacks on the cheap – but it could be their undoingNews Thousands of attacker servers all had the same autogenerated Windows hostnames, according to Sophos
-
Google issues warning over ShinyHunters-branded vishing campaignsNews Related groups are stealing data through voice phishing and fake credential harvesting websites
