Cyber Attack

Maze Ransomware Operators Hacked Highways Authority Of India (NHAI)

Recently, last week, the maze ransomware operators hacked the National Highways Authority of India (NHAI), and this attack caused a massive loss of data that was stored in a hardware device. The National Highways Authority of India (NHAI) is an independent agency that is managed and controlled by the Government of India. 

It was started in 1988, and this agency is accountable for the management of a network for over 50,000 km of National Highways out of 1,15,000 km in India. Not only this, but it is also a nodal agency of the Ministry of Road Transport and Highways.

Moreover, the NHAI has approved a memorandum of understanding (MoU) along with the Indian Space Research Organisation (ISRO) for satellite mapping of highways. Here, the hacker claimed that they had stolen a massive amount of data.

According to the CIO report, this attack was carried out on Sunday night, the hackers attacked the National Highways Authority Of India’s email server, but according to the Indian Agency, no data was stolen from the agency. Therefore, the agency has immediately shut down their server after this incident.

The maze ransomware operators have posted few screenshots regarding the attack they carried out, and here are they:-

The operators have also claimed that they have stolen NHAI servers and published all the sensitive data files that they have stolen. The hackers affirmed that they had leaked only 5% of the total data, as they have a lot to show.

The Chief General Manager, IT, Akhilesh Srivastava, “There was an attack that took place on Sunday night on email server of NHAI, but there was no loss of any data. The attack was thwarted by the security system and email servers of the agency, but, for extra security measures, the email servers were shut down.

Recommend mitigations

  • Use a strong password.
  • Enable multi-factor authentication.
  • Do not share your personal information.
  • Always use a reputed anti-virus tool.
  • Keep activated the automatic update feature for the latest security updates and patches.

At the starting of this month, the government of India has already notified many companies and businesses about the enormous cyber attacks against individuals and businesses in the country. 

According to the security report, there was around 2GB of the sensitive data compromised. The data leak holds delicate corporate operational reports like the staff list of the company, passport copy of ex-chairman of NHAI, all the details of subservient family members of NHAI employees, NHAI national audit reports, and many more.

You can also read the complete ransomware mitigation checklist.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read :

New Ransomware “EvilQuest” Attacking macOS Users to Encrypts Users Files

Most Ransomware Attacks Take Place in the Night or During Weekends

Xerox Corporation Hacked by Maze Ransomware Operators – Sensitive Files are Encrypted

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Volkswagen Hacked – Hackers Stolen 19,000 Documents From VW Server

Volkswagen, one of the world's leading automotive manufacturers, has fallen victim to a sophisticated hacking…

4 hours ago

Beware Of Fake MetaMask Android Apps That Steal Login Details

Threat actors exploit fake Android apps primarily for illicit reasons, such as stealing sensitive and…

5 hours ago

CrushFTP Zero-Day Could Allow Attackers To Gain Complete Server Access

CrushFTP disclosed a zero-day vulnerability (CVE-2024-4040) affecting versions below 10.7.1 and 11.1.0. The vulnerability allows…

5 hours ago

IBM QRadar XSS Flaw Let Attackers Arbitrary JavaScript Code

A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security,…

6 hours ago

Seedworm Hackers Exploit RMM Tools to Deliver Malware

The notorious hacking group Seedworm, also known as MuddyWater, has been found exploiting legitimate remote…

6 hours ago

WordPress Plugin Flaw Exposes 10k+ Websites to Cyber Attacks

A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting over 10,000 active…

7 hours ago