
In a brazen, open letter to its victims, the Maze ransomware group is claiming that economic hardships related to COVID-19 are forcing them to take a tough line with their “clients” and demanding payment by Sunday, threatening “reputation damage and financial” loss.
“If you have failed to start communication in three days you can blame only yourself for you (sic) reputation damage and financial lost (sic),” the hacker group posted on its news website.
Among the companies being threatened are Florham Park, N.J.-based Conduent and Norwalk-based Xerox, which have each recently fallen prey to the malware, with word that Xerox was hit last week along with screenshots that purported to show information that was stolen.
Conduent said its European systems were attacked in May. The company said it took about nine hours to lock down the attack and restore the systems. However following that event, the hackers published a document that appeared to be an invoice from Conduent’s customer Vodafone in Germany. Conduent and Xerox did not return requests for comment about the hacker demands.
Brett Callow, a threat analyst with Emsisoft, an anti-malware software provider, said the threats probably means that the criminals are finding it harder to extract payment due to the pandemic having left a very large number of companies in financial distress. He said some will not be able to pay the amount they may have been willing to pay previously, and some will not be able to pay at all.
“Maze does likely have data relating to these companies, and will likely publish it if they remain non-complaint,” Callow told CRN. “In fact, we know they do as they’ve already published small snippets of the information. However, whether they have as much data as they claim and whether it’s as sensitive as they claim is a completely different matter. This could simply be an attempt to pressure the companies into settling before they complete their forensic investigations and realize that Maze did not extract as much data as they claim.”
The Maze group is unsparing of its victims in demanding that they talk, claiming they are not “physiologists” – possibly meaning psychologists -- who will try to understand why victims might refuse to start a conversation.
“Negotiation means the dialog (sic) and finding the best solution for both parties,” the group wrote. “If the client is too shy, or scared or just can’t negotiate, this is exclusively the client’s problem.”
The group said it was pushing victims for payment due to economic circumstances that it is now in due to the COVID-19 pandemic.
“The whole world is in pandemic and deep economy (sic) crisis. We are also in the same reality with the whole world,” the group wrote.
The hacker group said it will begin publishing data in three days and will finish publishing all of the data in 10 days.
“No more delays of a month or two,” they wrote. “With the start of publication we will also notify all of the client’s partners, clients and regulators.”
Several large solution providers have been hit this year by Maze or other ransomware, with Cognizant announcing their systems were hit in April by Maze which could come at a remediation cost of $50 million to $70 million, not including lawsuits.
Maze said it wants to deal honestly with the victims whose information they have stolen.
“The Maze team is proud of its reputation,” the group wrote, “so we will (try) to respect scrupulously the agreement with the client. Our business is based on it. Our honesty is our revenue.”
related stories
Video
trending stories
sponsored resources

Cysurance
Cyber Insurance 360

EPOS
EPOS

Fujifilm
Fujifilm

Dell Technologies
Dell Technologies Storage Learning Center

Mimecast
Mimecast

Carbonite
Cloud Storage 360

Application Integration 360

Hitachi Vantara
Hitachi Vantara

Dell Technologies
Dell Technologies Cloud Learning Center

Tenable
Cyber Risk 360

Webroot
Webroot Learning Center

NPD
Industry Trends 360

BlackBerry
BlackBerry Learning Center

Symantec
Symantec Business Security Learning Center

Sherweb
Sherweb

Acer
Remote Workforce 360

APC by Schneider Electric
Digital Services for Edge Learning Center

Channel Chief Showcase

StorageCraft
Disaster Recovery Learning Center

Vertiv
Edge Computing Learning Center

Wasabi
Wasabi

Dell Technologies
Dell Technologies Hybrid Cloud Learning Center

Cradlepoint
5g for Business 360

Comm100
Collaboration & Communications 360

Veeam
Veeam

Smart 3rd Party
3rd Party Maintenance 360

Sophos
Sophos Cybersecurity Learning Center

Trend Micro
Trend Micro Learning Center

VMware

HubStor
Cloud Backup 360

eSentire
Managed Detection and Response 360

Comcast Business
Comcast Business Learning Center
