Ransomware Attackers Leak Stolen Data

Ransomware attacks have taken an unwelcome turn: A Ransomware Group called The Maze gang (yes they now brand themselves) reportedly has begun leaking a victim’s files to create pressure to pay a ransom.

Security experts say that leaking data as part of a ransomware shakedown isn’t a surprising turn of events. But it’s unclear whether this tactic will catch on, they say, because simpler ransomware attacks tend to be much more lucrative than attacks that involve data exfiltration.

Even so, the group using Maze ransomware published almost 700 MB of data that it stole from Allied Universal, a California-based security services firm with a valuation of about $7 billion, Bleeping Computer reports.

The “Maze Crew” tells Bleeping Computer (they now have spokespeople)  that the leak only represents a fraction of the 5 GB of data they stole, and that they’ll dump the rest – sending it to WikiLeaks – unless Allied Universal coughs up a ransom of 300 bitcoins, currently worth about $2.1 million.

The attackers also claim to still have access to Allied’s site and to have stolen TLS and email certificates that they could use to impersonate the security firm via email spam campaigns.

Here is the full story written by Mathew J. Schwartz (euroinfosec) on the www.bankinfosecurity.co.uk web site