Ransomware Gang Maze Steals 1.5TB Sensitive Data From Aerospace
Ransomware Gang Maze Steals 1.5TB Sensitive Data From Aerospace
June 8, 2020
Ransomware Gang Maze Steals 1.5TB Sensitive Data From Aerospace
Ransomware Gang Maze Steals 1.5TB Sensitive Data From Aerospace
June 8, 2020

Ransomware gang Maze reportedly stole 1.5TB of sensitive data from the ST Engineering Aerospace, the US branch of an integrated engineering group, which works with various governments, and its partners.

On June 6, it has been reported by The Straits Times that the Singapore-based company was allegedly attacked by Maze in March, citing an analysis by cybersecurity firm, Cyfirma

However, the report states that the data stolen by the criminals is related to contract details with various government, organizations, and airlines across the globe, as no additional details were provided on its content.

An internal memo has been issued on March 3 by ST Engineering Aerospace, detailing the VT San Antonio Aerospace as the site of a “ransomware infection.” 

The memo stated that McAfee and Windows Defender did not initially identify the ransomware attack. They managed to detect the problem by reading the renamed files and associated “DECRYPT-FILES.txt” located in the same folder as encrypted files.

ALSO READ :  Changpeng Zhao: We Will Be Suing 'The Block' Over China Police Raid Story

Likewise, Ed Onwe, the Vice-President and General Manager at VT San Antonio Aerospace, said:

“Our ongoing investigation indicates that the threat has been contained, and we believe it to be isolated to a limited number of ST Engineering’s US commercial operations. Currently, our business continues to be operational.”

Also, Cyfirma assured that some of the data stolen contained information on contracts with the governments of countries like Peru and Argentina, and with agencies such as NASA.

Thus, Brett Callow, the threat analyst at malware lab Emsisoft, commented:

“Ransomware groups often leave backdoors which, if not remediated, can provide continued access to a network and enable a second attack. This one of the reasons we always recommend that companies rebuild their networks after an incident as opposed to simply decrypting their data.”

Source: Cointelegraph | Image: New Atlas


Disclaimer

Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.
Share This

Share This

Share this post with your friends!