Xerox becomes latest Maze ransomware victim

The ransomware group claims a bunch of new victims including the business printing giant

Code on screen with ransomware in red

The Maze ransomware group has claimed a new set of victims, including Xerox, WorldNet Telecommunications, Columbus Metro Federal Credit Union and Webuild Spa. 

The ransomware group claims to have stolen more than 100GB of files from Xerox and will make them public if the firm doesn’t engage in negotiations for a ransom payment, Bleeping Computer reports.

“After the payment the data will be removed from our disks and decryptor will be given to you, so you can restore your files,” a ransom note sent to Xerox by the Maze operators read.

This comes just weeks after the nefarious ransomware operators leaked source code data belonging to LG Electronics. Cyble stumbled upon the data leak while monitoring the dark web, and has seen screenshots confirming that the Maze hackers were behind the attack. 

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently. While the other screenshot seems to list out the source code of its products,” said Cyble.

Cyble was also this week able to confirm a Maze-related data leak targeting the American Osteopathic Association. At the time of reporting, the ransomware operators claimed to have uploaded 5% of the total data leak.

Beyond targeting new victims, Maze has begun posting pre-leak warnings along with the occasional press release. On June 22, the ransomware operators published a press release cautioning its victims against decrypting stolen files. The operators warned victims trying to decrypt files themselves are "more close to suicide than recovery."

In another post, the group provided examples of stolen data from companies that attempted using a negotiator to restore their data but ultimately failed to do so. Those companies included ST engineering, MaxLinear, Conduent and M.J. Brunner.

The Maze group has targeted a wide range of organizations in recent weeks. Recent targets have also included high-profile organizations like VT San Antonio Aerospace and Westech International.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

How can you protect your business from crypto-ransomware?
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Xerox officially drops hostile bid for HP amid coronavirus crisis
mergers and acquisitions

Xerox officially drops hostile bid for HP amid coronavirus crisis

1 Apr 2020
HP claims Xerox takeover would be "disastrous" during coronavirus crisis
mergers and acquisitions

HP claims Xerox takeover would be "disastrous" during coronavirus crisis

26 Mar 2020
HP plots $16bn stock buyback as Xerox takeover threat looms
mergers and acquisitions

HP plots $16bn stock buyback as Xerox takeover threat looms

25 Feb 2020

Most Popular

IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
Microsoft makes CRM a "priority" in bid to challenge Salesforce
Business strategy

Microsoft makes CRM a "priority" in bid to challenge Salesforce

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020