Tech

Double Extortion: Ransomware groups merge

The group behind the Maze ransomware apparently wants to work with other extortionists to release data from unwilling victims. The reports the IT news site Bleeping Computer. The maze gang started some time ago Publish data from data subjectswho didn’t want to pay to decrypt their files. Bleeping Computer was informed that data from ransomware attacks that were not provided by Maze itself would also be presented on a page set up for this purpose. At the request of Bleeping Computer, the operators of the site confirmed the observation.

Job market

  1. operational services GmbH & Co. KG, Frankfurt am Main
  2. OLD LEIPZIGER life insurance a. G., Oberursel near Frankfurt am Main



According to the report, Maze announced that additional groups will publish data on the platform. “They use not only our platform to publish company data, but also our experience and reputation”, said the site operator accordingly. Treat other groups as partners, not as competitors. The ransomware scene is thus becoming more professional and is putting increasing pressure on companies and individuals concerned.

In the beginning, ransomware ransomware primarily demanded ransom money from their victims to restore their files. In recent months, some groups have switched to so-called double extortion and have threatened their victims with the publication of captured data. Lotem Finkelsteen from the IT security company Checkpoint sees this as a trend: “We saw this a lot in the first quarter of 2020. This tactic is used by the extortionists to narrow their victims even more by releasing sensitive information in the darkest corners of the net to underline their ransom demands.”

Maze co-founded this practice and leaked in December 2019 Data from a US security company. Others followed suit: The technology producer Visser Precision, among others, was affected, and its customers also include SpaceX and Boeing. After refusing to pay, internal documents and payment information were found on the Internet for these. Customer data from Stadtwerke Ludwigshafen were also leaked on the Darknet after the electricity and water supplier refused to pay a double-digit million amount to its extortionists.

Please activate Javascript.

Or use that Golem pure offer

and read Golem.de

  • without advertisement
  • with javascript turned off
  • with RSS full text feed