The world and its citizens might be fixated on the Coronovirus and its effects, but there are malicious people doing their online nefarious activities as well. One such incident is the ‘Maze’ ransomware attack on the IT services giant Cognizant on Saturday.
I had already blogged about ransomware a while back. To recap, in a ransomware attack, the hacker holds the files on your system for a ransom and releases the files only after a ransom is paid!
Here are a few points about the Maze ransomware:
- The ‘Maze ransomware’ was earlier known as the “Cha cha ransomware”
- It was first discovered in May 2019 by Jerome Segura
- The Maze ransomware is different from other ransomware in that it not only locks the user’s system files but it also exfiltrates the user’s files onto the hackers’s server.
- The files will be released only after the ransom is paid
- If the ransom isn’t paid, the Maze hackers threaten to release the files online
- The Maze threat actors must have be working on Cognizant’s network for weeks before they were held for a ransom
- The Maze group performs its ransomware attacks through exploit kits
- The Cognizant attack was discovered on Friday, April 17th
- Chubb insurance and Hammersmith medicines Reserach are the other victims of the Maze ransowmare
- This is still a developing story
Protecting yourself:
- Backing up files and storing them on unconnected devices is the best way to protect from ransomware attacks
- Change passwords frequently
- Use a security solution to keep up with the changes in the security landscape
- Apply patches and updates as and when available
Hope this post answered some of your doubts about the Maze ransomware. If you think you have been hit by the Maze ransomware or any ransomware attack, please contact cyber security professionals or law enforcement right away!
The previous post can be found here