LG and Xerox have now both been the victim of ransomware attacks perpetrated by bad actors at Maze. That’s based on a recent report compiled by ZDNet, detailing the “Maze gang’s” hacking endeavors.
Now, the attacks themselves took place back in June. But today, both LG and Xerox appear to have failed to meet the demands of the ransomware. The group has historically breached corporate networks and stolen sensitive files, encrypted the data, and then demanded a ransom. If the first ransom demand fails, it then turns to create a dedicated ‘leak page’ on its website. That website is used as a threat behind a second demand for ransom.
This week, Maze operators published no less than 50.2GB from LG’s internal network and no less than 25.8GB from Xerox.
Why did the ransomware result in published LG and Xerox details?
Neither LG nor Xerox appears prepared to discuss the incident but the group behind the attack reportedly informed ZDNet last month that it had skipped the ransom step for LG. That decision, the group says, was made for several reasons. Not least of all, Maze claims, LG’s “clients are socially significant” and it didn’t want to ‘create disruption’. So, instead, it simply pulled out the LG data.
For Xerox, the details are less clear and Maze operatives aren’t discussing the matter.
What was stolen and published and why is this a bigger problem for LG?
In terms of what was stolen, at first glance, LG seems to have gotten off lightly. That’s because the data that was obtained by ZDNet appears to mostly be related to source code. Specifically, source code for closed-source firmware associated with LG phones, tablets, and other devices.
For Xerox, conversely, the Maze gang stole and published data tied to customer support for the company. That included sensitive information tied to Xerox employees and could potentially include data on customers. The full extent has not been entirely explored as of this writing, although no customer data has been found just yet.
But LG has also reportedly been the victim of a second hacking attempt. That hacking effort yielded far more damaging results. The unidentified hackers took advantage of an old server vulnerability to gain access to LG America’s R&D center. And that’s being sold on a hacking forum for between $10,000 and $13,000. Given LG’s current push to innovate and retake market share in the mobile industry, that could prove far more problematic.