Cyber security news for all

More

    U.S. Aerospace service provider hacked by MAZE Ransomware

    The latest in a long line of cyberattacks orchestrated by Maze Ransomware is the aerospace device provider- V.T. San Antonio Aerospace (VT SAA). VT SAA is a Texas-based aerospace service provider, which is a subsidiary of Singapore-based technology firm S.T. Engineering.

    The threat actors have claimed responsibility for the hacking a massive 1.5 terabytes of classified and private data stolen during the breach.

    The Vice president and general manager of the firm, Ed Onwe, stated that “a sophisticated group of cybercriminals, known as the MAZE group, gained unauthorized access to our network and deployed a ransomware attack.” This serves as the second attack from the hackers with the first attack dating back to 7th March.

    A folder location was the key to the discovery of the breach; renamed files and associated ‘DECRYPT-FILES.txt’ located in the same folder as encrypted files.

    Following the breach, the company immediately took steps to minimize the fallouts. They took some systems offline, alerted law enforcement agencies, and sought forensics advisors investigating the threat.

    The company continued inspections of the breach and also recovered lost data. They contained the “infection” and realized that targeted areas were mostly S.T. Engineering’s U.S. commercial operations.

    Details about the stolen data have not been released yet, but it is assumed that data such as company’s financial record, schedules, a line up of projects, and exclusive contracts details signed with government parastatals like NASA, American Airline, etc., might be included.

    The hackers M.O involve stealing data (which will be used as ransom) before injecting a payload and encrypting the data in the victim’s system.

    Right now, the stolen 1.5terabytes of data is being used to force the “hands” of the company.

     

    MAZE ransomware can be introduced into a system via phishing emails. Once contact is made, data is stolen for ransom and the encryption process follows suit. Failure to meet up to their demands results in data being leaked. The MAZE ransomware operators target prominent companies and hope to pressurize them into paying.

     

     

    Recent Articles

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    The slamming of undeletable Adware on Android users

    Researchers have discovered that about 14.8% of users of android phones that were targeted with mobile adware or malware the previous year have undeletable...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox