FBI Warns Business Owners: Beware of Increasing Maze Attacks
Posted: January 8, 2020 to News.
Directly on the heels of LockerGoga and MegaCortex, a different strand of ransomware, Maze, which was first discovered nearly a year ago, started to target private companies in the US in November, and the FBI wants to make sure you know about it. Just two days after issuing an alert for LockerGoga and MegaCortex, the FBI has issued a "TLP: Green" alert for Maze, meaning that they are only able to release limited details; otherwise, they may aid hackers. That being said, the FBI is strongly urging any victims to share the details of their attack with them; any details may be able to assist agents in finding the cyber attackers. In the alert, victims of Maze ransomware attacks were urged to share information with the FBI as soon as possible to help its agents trace the attackers and bring them to justice.What is Maze?
After a successful breach, Maze replicates the data it accesses before it encrypts it. Once encrypted, Maze sends a ransom to its victims. Where Maze is a little bit more insidious, however, is that the data thieves threaten to not only destroy the files if they don't receive payment, but to also publish it, which is something the City of Pensacola and a Georgia-based wire and cabling firm, Southwire, discovered when they did not pay up.How does Maze infiltrate their victims?
Maze has successfully breached their victims using:- Felonious cryptocurrency websites
- Malspam
- Phishing scams (as government agencies and security vendors)
- Expoit kits (i.e. Fallout downloads)