Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace



Maze RansomwareThe news last month of the “retirement” of Maze should be a warning to organizations wondering what ransomware will come next and how much worse will it be.

Nothing says you’ve made it like being able to retire. You’ve felt like you’ve spent enough time in the workforce, socked enough money away, and now want to spend your time playing golf or doing humanitarian work, etc.

That’s the scary part about the news of the retirement of the Maze group. Think about it – they’ve collected over $100 million and have decided it’s no longer of interest (what a way to exist on a high note!). Maze has gone from simply being the malware to be emulated to becoming a financial goal for cybercriminal teams. And that’s dangerous; they’ve shown the world it’s possible to make enough to retire in just a few years. Talk about motivation.

So, what’s next for ransomware? Industry data shows many Maze affiliates have to a new family of ransomware-as-a-service known as Egregor that uses the same “encryption, data exfiltration, and extortion” recipe as Maze.

But that’s not a guarantee that Egregor is the new Maze.

Organizations should expect to see ransomware gangs stepping up their game – and that means more phishing attacks, more affiliates, organized use of outsourcing for parts of cyberattacks, better evasion techniques, and better spearphish targeting. Why? Because every wannabe ransomware gang wants to make their $100+ million and retire too!

To prepare, organizations need to strengthen their human firewall – the user who interacts with phishing attacks – through new school Security Awareness Training. By educating them on the ever-changing face of social engineering techniques and phishing schemes, users are mindful that every time they open an email or visit a website, it may be part of an elaborate attack designed to trick them into installing the next evolution in the ransomware saga.


RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransim

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews