Friday Hacker Blogging: Maze Ransomware Gang Releases 5% Of Stolen Canon Data

Friday Hacker Blogging

Every Friday from now on I’ll make a post on a random topic about Linux, computer and information security, coding and hacking, and more infosec stuff.

You can use the Friday Hacker Blogging post to discuss the topic, or discuss whatever photography news or topic you want. Please be respectful, same rules as usual apply for comments.

The first post in the Friday Hacker Blogging series is a follow up to the hacker attack against Canon USA by the Maze ransomware gang. Numerous Canon services have been affected, including Canon’s email, Microsoft Teams, the Canon USA website, and other internal applications, and 10TB of data was stolen. Bleeping Computer describes the Maze gang and how they work:

Maze is an enterprise-targeting human-operated ransomware that compromises and stealthily spreads laterally through a network until it gains access to an administrator account and the system’s Windows domain controller.

During this process, Maze will steal unencrypted files from servers and backups and upload them to the threat actor’s servers.

Once they have harvested the network of anything of value and gain access to a Windows domain controller, Maze will deploy the ransomware throughout the network to encrypt all of the devices.

If a victim does not pay the ransom, Maze will publicly distribute the victim’s stolen files on a data leak site that they have created.

Ransomware gangs often use a controlled leak of stolen data as a mean to scare the victims and motivate them to pay the ransom. It seems such a controlled leak hit Canon too.

It’s again Bleeping Computer reporting that a 2.2 GB archive called “STRATEGICPLANNINGpart62.zip” was released on the Maze data leak site. Bleeping Computer has been told it contains marketing materials and videos, as well as files related to Canon’s website. However, it seems that the leak does not contain financial or employee information, or other sensitive data.

Leaked Canon data, image courtesy of Bleeping Computer

It’s still an ongoing story and I will keep you posted.

Btw, the idea for Friday Hacker Blogging was inspired by Schneier on Security’s Friday Squid Blogging. As I wrote above, you can use this post to discuss the topic, or about whatever photography news you want. Just be polite and respectful.

This post might contain affiliate links. That means we will get a small fee if you make a purchase through the links, without any additional cost to you. Support Canon Watch! We love to bring you all the latest news about Canon and photography. If you buy your gear through our affiliate links you help this site going on.

Follow Canon Watch: Facebook, Twitter, Google+, Tumblr, RSS, 500px

Related Posts

Back To Top

Notice

This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy. If you want to know more or withdraw your consent to all or some of the cookies, please refer to the cookie policy.
By closing this banner you agree to the use of cookies.