Trying not to walk in the dark woods. A way out of the Maze

After numerous ransomware attacks since its appearance in May 2019, the popular Maze Team recently claimed the end of its criminal activity through a press release on its Dedicated Leak Site.

The Maze Team is responsible for the development and maintenance of Maze Ransomware, one of the most advanced and infamous piece of malware in today’s threat landscape, and has been the first adversary to adopt the Double Extortion technique, which allows attackers to maximize their chance of making profit asking ransom payment both from operation recovering and from avoiding the disclosure of stolen data.

Indeed, while for a period of time other threat actors had only threatened to release stolen information if the ransom wouldn’t get paid, Maze Team first created a DLS (Dedicated Leak Site) where to publish data if victims refuse to pay or were not collaborative.

On 01/11/2020 Maze Team claimed its project has officially closed.

However, it posed a very serious threat to many organizations and for this reason, in March 2020, Telsy Threat Intelligence Research Team developed and tested a vaccine to prevent files encryption operated by variants of popular Maze Ransomware.

This vaccine has been made available to Telsy customers, to some Italian and international entities operating in the healthcare sector and has been released on closed communities to trusted individuals only.

Download the full report below:

pdf 1
pdf 1