Wazawaka Goes Waka Waka
In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a...
So Unchill: Melting UNC2198 ICEDID to Ransomware Operations
Mandiant Advanced Practices (AP) closely tracks the shifting tactics, techniques, and procedures (TTPs) of financially motivated groups who severely disrupt organizations with ransomware. In May 2020, FireEye released a blog post detailing intrusion tradecraft associated with the deployment of MAZE. ...
VideoBytes: Is it goodbye forever to Maze ransomware?
Hello Folks! In this Videobyte we’re talking about Maze ransomware and whether or not it's shutting down, and what that means for the cybercrime world. The notorious Maze ransomware group, known for its corporate targeting and data leaking extortion schemes is, apparently, shutting down operations...
Maze ransomware gang announces retirement
The threat actors behind Maze ransomware have announced their retirement. On November 1, they posted the retirement announcement on the website where they would normally name and shame their victims that were unwilling to pay the ransom. image courtesy of Graham Cluley "The Project is closed. Maz...
Maze Ransomware Operators Shutting Down Their Operations
By Deeba Ahmed In a bizarre announcement, the Maze ransomware gang revealed that their only aim was to reveal the security lapses at their targets. This is a post from HackRead.com Read the original post: Maze Ransomware Operators Shutting Down Their Operations...
Life of Maze ransomware
In the past year, Maze ransomware has become one of the most notorious malware families threatening businesses and large organizations. Dozens of organizations have fallen victim to this vile malware, including LG, Southwire, and the City of Pensacola. The history of this ransomware began in the...
Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach
The operators of the Maze ransomware have added a fresh trick to their bag of badness: Distributing ransomware payloads via virtual machines (VM). It’s a “radical” approach, according to researchers, meant to help the ransomware get around endpoint defense. That’s according to researchers with Soph...
Maze ransomware group reportedly hits Canon; steals 10TB of data
By Sudais Asif Canon is still investigating the incident. This is a post from HackRead.com Read the original post: Maze ransomware group reportedly hits Canon; steals 10TB of data...
Maze Ransomware operators hack LG Electronics stealing critical data
By Sudais Asif The infamous Maze Ransomware operators have also leaked sample data. This is a post from HackRead.com Read the original post: Maze Ransomware operators hack LG Electronics stealing critical data...
Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents
Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity,...
Maze Ransomware group steals 11m card data from Banco de Costa Rica
By Deeba Ahmed Banco BCR has been attacked twice in the past eight months by Maze ransomware operators. This is a post from HackRead.com Read the original post: Maze Ransomware group steals 11m card data from Banco de Costa Rica...
Maze Ransomware Attack Hits Cognizant
IT services giant Cognizant said that it has been hit by the Maze ransomware group in a cyberattack that has caused service disruptions. Cognizant, a Fortune 500 company that employs close to 300,000 people, said that it is providing customers with indicators of compromise (IoCs) and other technica...
'Double Extortion' Ransomware Attacks Spike
Victims of ransomware attacks now face a double whammy of headaches. Cybercriminals are increasingly inflicting more pain on ransomware victims by threatening to leak compromised data or use it in future spam attacks, if ransom demands aren’t met. The ransomware tactic, called “double extortion,”...
Maze ransomware group hacks oil giant; leaks data online
By Deeba Ahmed The Maze ransomware group disclosed that it has leaked the database containing information about Sonatrach. This is a post from HackRead.com Read the original post: Maze ransomware group hacks oil giant; leaks data online...
Ransomware Maze
ARCHIVED STORY Ransomware Maze Alexandre Mundo · MAR 26, 2020 Overview The Maze ransomware, previously known in the community as “ChaCha ransomware”, was discovered on May the 29th 2019 by Jerome Segura. The main goal of the ransomware is to crypt all files that it can in an infected system and...
State & Local Governments: The Cyberinsurgency Spreads
Today’s world is dramatically different than even five years ago. Ransomware attacks, which used to make global headlines, are now commonplace. Cybercriminals—who have historically targeted large enterprises—are now also setting their sights on state and local governments. New, sophisticated...
A week in security (December 16 – 22)
Last week on Malwarebytes Labs, we signalled that Mac threat detections have been on the rise in 2019, discussed how a new Consumer Online Privacy Rights Act (COPRA) would empower American users, warned that the Spelevo exploit kit debuts a new social engineering trick, and let our own Statler and...
Incident Response lessons from recent Maze ransomware attacks
By JJ Cummings and Dave Liebenberg This year, we have been flooded with reports of targeted ransomware attacks. Whether it's a city, hospital, large- or medium-sized enterprise — they are all being targeted. These attacks can result in significant damage, cost, and have many different initial...
Maze Ransomware Behind Pensacola Attack, Data Breach Looms
The Maze ransomware is likely the culprit behind the recently reported cyberattack on Pensacola, Fla. that occurred earlier this week, which downed systems citywide. In an email sent to county commissioners, IT administrators said that the Florida Department of Law Enforcement said that the...
A week in security (November 18 – 24)
Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for...