Maze ransomware operators are busy updating their list of victims, by targeting a large number of organizations almost every day. Recently, they claimed to have added the Xerox Corporation to their victim list.

Xerox inked with data leak incident

Xerox, the US-based printing solutions provider, allegedly became a victim of a network intrusion and data breach incident.

  • In June, Maze ransomware operators had targeted the Xerox Corporation and had stolen more than 100 GB of files before encrypting them.
  • As a proof of hack, Maze group published a set of 10 screenshots, showing their network shares on the domain eu.xerox[.]net, a ransom note, and the directory listings from June 24, which suggested that the attackers had access to those networks till June 25, 2020.
  • Maze ransomware operators had already included the name of Xerox in the list of the victims published on their leak site on June 24.
  • In the end of June, Maze operators had leaked the data of several victim organizations including LG Electronics, that refused to pay the ransom. Along with that data, Maze gang also did some promotions by posting names of other targeted victims (Xerox being one of them), without posting and other details about the attack.

Maze operators have been targeting organizations across a wide spread of sectors and geographical regions, which seems to be an ad-hoc attack strategy. However, it has also adopted the big game hunting approach to target extract large ransoms from high-profile organizations.

  • The group usually targets one high-profile or high-valued victim every week, like LG Electronics, Conduent, Pitney Bowes, Cognizant, and others.
  • Several small or medium-sized firms are targeted on an almost daily basis, as per the additions made to its victim’s list.

For more information, check out the full article on Cyware.

Leave a Reply