Researcher Leaked Conti Ransomware's Source Code and Internal Messages

After failing to extort a ransom from either LG or Xerox, the infamous Maze ransomware group has leaked all of the data stolen from those companies on its leak portal today. The leaked data is deemed sensitive, yet neither company has responded to requests for an explanation.

LG and Xerox Stolen Data Leaked in Dark Web!

The Maze ransomware group is infamous for attacking reputed companies around the globe. The gang actively exploits any vulnerabilities it finds in a target company's systems and follows its routine steal – encrypt – demand method. The group has been at the forefront of a recent shift among ransomware groups, which now extort ransom by threatening to leak data.

LG leak

But now it seems to have failed at this procedure with two companies it hacked last month: LG and Xerox. Both companies are well known around the world and have a footprint in most of today's innovations. The Maze group attacked both companies and stole data from their networks. As per the Maze group's listing, about 50.2GB and 25.8GB of data was leaked from LG and Xerox respectively.

The data samples scrutinized by ZDNet revealed that the dump includes source code of various LG products like phones and laptops. Xerox's dump, on the other hand, includes data belonging to its employee support operations. While no customer data is included in the leak, it is still sensitive, as proprietary information and employee data can be used for malicious purposes.

Xerox Leak

Email requests made by ZDNet to LG and Xerox were ignored. But an answer from the Maze group revealed that they did not encrypt the LG network since its clients are socially significant, and so only exfiltrated data. In Xerox's case, there is no word on anything. While the modus operandi of this hack has not been explained yet, Troy Mursch from Bad Packets hints at Citrix ADC servers, which both companies used.

These servers were exposed online at one point or another without any encryption, and were thus exploited by the Maze ransomware group for access and data exfiltration.

