The maze ransomware operators have claimed that they had breached the South Korea LG electronics. But, this ransomware consists of two screenshots, the first one includes LG Electronics’ official firmware or software update releases, whereas the second screenshot carries a list of reference codes of their different products.
Ransomware is a very common cyberattack for all organizations. Well, LG Electronics is a South Korean multinational electronics organization; its headquarters are located in Yeouido-dong, Seoul, South Korea, and not only that event LG is a member of the fourth-largest chaebol in South Korea.
It has made global sales of $55.91 billion in the year 2014, but, LG includes a total of four business sections, they are Home Entertainment, Home Appliances & Air Solutions, Mobile Communications, and Vehicle Parts, and it has a total of 83,000 employees globally.
Maze Ransomware Breached LG Electronics
The maze ransomware operators have recently published a press statement in which they urged to the companies not to try to collect the stolen data themselves because their maze locker couldn’t be decrypted without the help of maze team, and another point is that the companies would have to pay double or even four times the money and yet would be competing to gain the data.
According to the report, the ransomware has only released three screenshots regarding the attack. And thus, by these screenshots, they made clear that if the company tries to collect the data that has been stolen, then they might release the data as soon as possible, not only this, even the company also needs to pay more as ransom.
The Maze ransomware operators who have recently attacked the largest IT service firm cognizant are keeping a strict eye on this operation. Moreover, they have also stolen information from US military contractor WesTech and the ST Engineering organization; even they have also published the credit card data, that were stolen from the Bank of Costa Rica (BCR).
The LG electronics are mitigating the whole conflict, as they are focusing on the matter that how the maze ransomware operator stole the data, although it’s still unclear, and thus they are investigating the incident.
Although there is no exact information about this conflict, the Maze operators have initially accessed the methods that are applied by the threat actors, which include connecting through an exposed remote desktop connection and turning to relevant hosts through negotiated Domain Administrator accounts.
Apart from LG, there are many organizations that faced these types of attacks, which are carried by the Maze ransomware operators. But, its quite challenging to blame Maze Ransomware operators, as they had made a reputation of distributing stolen files if they don’t reach an agreement with their victims for a price or a ransom payment.