Maze Ransomware Does It Again, This Time Targets US Aerospace Services Provider

VT San Antonio Aerospace targeted

• Recently, it was disclosed that the Maze Ransomware gang targeted the systems of US aerospace services provider VT San Antonio Aerospace in March 2020.
• The threat actors used a compromised Administrator account, accessed via remote desktop connection, and attacked the company's domain controllers, intranet servers, and file servers on two domains.
• The group claims to have stolen 1.5 TB of unencrypted files, and a number of files and sensitive data has been posted on their leak site already.

Maze group wreaking havoc

• Within the first week of June, there have been disclosures from several high-profile organizations being targeted by Maze, including US military nuclear missile contractor Westech International, the global aerospace, and marine engineering group ST Engineering Group, Business Services giant Conduent, TekCollect & AmerAssist, the Smith Group, Kerr Controls and a bunch of other leaks including Bossini, Faxon Machining, GCL System, Critical Control Energy Services, Seats Inc, and Grupo Cocenzo.
• In May 2020, Maze was in news for its attacks and leaks related to BCR Bank, Pitney Bowes, Sparboe Companies, Mercury Insurance Group, Universal Windows & Door, Optimara, Andrew Cross & Co, etc.
• In April 2020, Maze created a huge buzz when it targeted the IT service giant, Cognizant.

Security tips