Threat Watch

Maze Adds New Victims to Leak Website

Maze: The actors behind the Maze ransomware have updated their website with new victims, including the New York-based company Threadstone Advisors. Threadstone is an independent advisory firm that specializes in mergers and acquisitions in the consumer and retail sectors. The announcement of the attack was posted to the group’s website on June 11th and included the phone number and email address of the company’s managing director. Files providing proof of the attack have not yet been released by Maze, so the amount of data the group accessed is not known at this time.

ANALYST NOTES

The threat by ransomware groups to post the stolen data has been a growing trend throughout the industry. Whether or not the ransom is paid to the actors to restore encrypted files, they still have the data that was stolen in the attack, which gives the threat actors additional leverage to demand payment in return for a promise to not sell or publicly release the files. Companies that pay the ransom are relying on the word of the threat actors that they will not release the data at a later date. In any case, keeping regular backups of data will prevent downtime within an organization if documents are encrypted, but detecting and stopping attacks quickly is the best way to avoid the difficult situation of having to negotiate with criminals or pay for a promise to not leak sensitive files. Maze has requested large sums of money in the past for their ransoms, and at the time of writing, no comment from Threadstone has been made about the attack.

More can be read here: https://www.infosecurity-magazine.com/news/maze-attacks-victoria-beckhams/?&web_view=true