iTnews

Maze ransomware group call it quits

By Juha Saarinen, iTnews on Nov 3, 2020 9:30AM
Maze ransomware group call it quits

Security experts dubious.

The Maze ransomware gang, best known for attacking health care organisations and corporations around the world to extort them by encrypting and threatening to publish their data, claims it has ceased activities.

On a web page written in broken English and published on a site protected by Cloudflare's reverse proxy network, the ransomware criminals said "Maze Team Project is announcing it is officially closed."

Maze added that links and use of their name and methods, "should be considered to be a scam", in an apparent effort to preempt copycats riding on the criminals' infamy.

As part of the announcement, Maze blamed its many victims for stupidity and poor security practices that allowed the gang's attacks.

UK-based security industry commentator Graham Cluley expressed doubts as to how sincere Maze were.

"Who is to say if they have really quit or not," Cluley asked.

"Maybe they have truly given up. I do hope so, but it would be no surprise at all if they turned out not to keep their word."

Indeed, Maze seems to say that they could be plotting a return.

"We will be back to you when the world will be transformed [sic]," the group wrote in what they called their "official press release".

"We will return to show you again the errors and mistakes and to get you out of the Maze."

As of recently, Maze - which claims to only use its own software - has had to resort to borrowed techniques from other ransomware criminals, after security vendors improved their endpoint protection and foiled many of their attacks.

Cybersecurity expert The Grugq speculated that Maze might be feeling the heat from officialdom after some high-profile attacks this year.

"Well. I have a guess that ransomware is getting a bit hotter now," The Grugq told iTnews.

"The recent hospital attacks freaked out some US triple letters, and there was the Treasury notice [outlawing] payments [to the groups], etc.

"Maybe they’re just getting out before it gets too dangerous," the security researcher said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
maze ransomware security

Partner Content

MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
Partner Content MSI shows first laptops with Wi-Fi 6E, Nvidia RTX 30 graphics
MSI launches innovative new laptops
Partner Content MSI launches innovative new laptops
Improving returns from SD-WAN spending
Sponsored Content Improving returns from SD-WAN spending
NCS expands into Australia in partnership with Optus Enterprise
Sponsored Content NCS expands into Australia in partnership with Optus Enterprise

Sponsored Whitepapers

The risky business of open source
The risky business of open source
Ensure your e-signatures are legally binding
Ensure your e-signatures are legally binding
Mitigating open source risk in your organisation
Mitigating open source risk in your organisation
How to choose a WAF that's right for you
How to choose a WAF that's right for you
The global telco 5G cloud gaming opportunity
The global telco 5G cloud gaming opportunity

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • Beat the DDoS blackmailers in 2021
By Juha Saarinen, iTnews
Nov 3 2020
9:30AM
0 Comments

Related Articles

  • Maze ransomware criminals go virtual to evade detection
  • Semiconductor giant SK Hynix silent on ransomware attack
  • Regis Healthcare loses data in Maze ransomware infection
  • Chipmaker MaxLinear hit by 'Maze' ransomware attack
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Telstra blasts plan to 'set aside' mobile spectrum for Optus and TPG, but not it

Accellion hack behind Reserve Bank of NZ data breach

Accellion hack behind Reserve Bank of NZ data breach

Google unravels state-of-art Android and Windows exploit chains

Google unravels state-of-art Android and Windows exploit chains

Tyro halts trading following week-long outage

Tyro halts trading following week-long outage

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.