Maze Ransomware operators publish 14GB of files stolen from Southwire


The Maze ransomware gang, which encrypted the files of cable manufacturer Southwire, has released 14GB of the stolen files.

The Maze ransomware implements data-harvesting capabilities, and the hackers are threatening to release the data of all victims who refuse to pay the ransom.

The gang behind the ransomware has developed a website where it has published the names of eight companies that allegedly refused to pay the ransom.

The website also has details related to the infection, including the date of the attack, some stolen documents, the size of stolen data, and the list of IP addresses and machine names of the infected servers.

The Maze ransomware operators have released 2GB of files out of the 32GB they claim to have stolen from the City of Pensacola in December.

According to reports, the gang demanded a $1 million ransom to decrypt the victim’s files.

The attack against the Southwire cable manufacturer took place in December, when the hackers infected 878 systems on the company network and stole 120GB of files.

They demanded $6 million worth of bitcoins to prevent the leak of Southwire’s stolen files, but the company refused to pay the ransom. After that, the operators uploaded some of the company’s files to their website.

Southwire filed a lawsuit against Maze in Georgia courts for illegally accessing its network, stealing data, encrypting computers and publishing the stolen data after a ransom was not paid.

The company asked the web hosting provider that hosted the Maze site to shut it down.

After releasing Southwire’s stolen files on a Russian hacking forum, the gang announced that it plans to release 10% of the data every week unless the ransom is paid.

Southwire executives must now decide whether or not it is better to pay the ransom to avoid greater losses from the data being exposed.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News
