Black hat hacker group, Maze, claims to have used ransomware to compromise the methods of insurance coverage large, Chubb. Additionally they declare to have stolen the agency’s information.
Brett Callow, menace analyst at cybersecurity agency, Emsisoft, informed Cointelegraph on March 27 that Maze printed the declare on its web site. Whereas the web site doesn’t present any direct proof of the hack up to now, Callow identified details that give the declare an air of credibility:
“Maze’s previous victims embrace governments, legislation companies, healthcare suppliers, producers, medical analysis corporations, healthcare suppliers and extra.”
Maze’s modus operandi
Callow defined that the group often first claims the hacks after profitable assaults after which — if the sufferer doesn’t pay — they publish a small quantity of the stolen information as proof of the hack. At this level, if the compromised entity nonetheless doesn’t pay, Maze will begin publishing an increasing number of delicate information:
“Ought to the corporate nonetheless not pay, extra information is printed, generally on a staggered foundation, to ramp up the stress. In earlier circumstances, the criminals have additionally printed the info on Russian cybercrime boards with a word to ‘Use this info in any nefarious methods that you really want.’ In a single earlier incident, the group demanded $1 million to decrypt an organization’s information plus a further $1 million to destroy the copy that had been stolen.”
In February, Maze compromised 5 United States legislation companies and demanded two 100 Bitcoin ransoms in trade for restoring information and deleting further copies of their information. The ransom quantity demanded from Chubb just isn’t at the moment identified.
In line with firm information web site, Owler, Chubb is an insurance coverage supplier headquartered in Zurich with 32,700 workers and an annual income of $34.2 billion. The agency didn’t reply Cointelegraph’s inquiry by press time.
An organized hacker group
Maze is a very infamous and well-organized cybercriminal group. Callow additionally informed Cointelegraph that “Maze was the primary ransomware group to steal and publish information, and it’s a technique that different teams have since adopted.”
Maze additionally publishes press releases on the identical web site the place stolen information is printed. These bulletins intently resemble the statements launched by atypical corporations, though they usually include grammatical errors. In a single such press launch — printed on March 22 — the group claims that it carries on its actions in an try and carry consideration to the shortage of cybersecurity. The discharge reads:
“We wish to present that the system is unreliable. The cybersecurity is weak. The individuals who ought to care in regards to the safety of the knowledge are unreliable. We wish to present that no one cares in regards to the customers. […] Some folks like Julian Assange or Edward Snowden had been making an attempt to point out the fact. Now it’s our flip. We are going to change the scenario by making irresponsible corporations pay for each information leak.”
The announcement additionally guarantees that the general public will hear extra about profitable assaults by the group sooner or later. In one other announcement — dated March 18 — the Maze group additionally promised that companies they hack amid the pandemic could have proper to a reduction within the ransom:
“Because of the scenario with the incoming world economic system disaster and virus pandemic, our Group determined to assist business organizations as a lot as attainable. We’re beginning an unique low cost season for everybody who has confronted our product. Reductions are provided for each decrypting information and deleting of the leaked information. To get the reductions our companions ought to contact us utilizing the chat or our information useful resource.”
As Cointelegraph just lately reported, Maze additionally contaminated the methods of Hammersmith Medicines Analysis, a United Kingdom agency researching the coronavirus. Maze printed delicate information on its web site together with the outcomes of medical exams and id paperwork, akin to passports.