Xerox Corporation hit by Maze Ransomware

Xerox was recently attacked by Maze ransomware operators. Xerox Holdings Corporation is an American corporation that sells print and digital document products and services in more than 160 countries.

During our dark web sweep, we noted that the Maze ransomware operators had posted about their achievement of taking over Xerox Corp data.

A ransom note was also disclosed by the threat actor, warning of repercussions if the ransom is not paid within a stipulated amount of time.

Ransom note by Maze

Upon further investigating the data that the threat actor claims to have, we found that they gained access to the Xerox network and the domain “eu.xerox.net”.

Domain and Whois Lookup

The leaked data may include:

  1. Database of the organization, including the EU counterparts, their global delivery KPI information and user database.
  2. Photos, files and other private data (contracts).

Leak data snapshots

The ransomware operators also previously targeted ‘Conduent’ (which was part of Xerox Corporation until Jan 2017) on May 29, 2020. According to security researchers, the ransomware operators found a weakness in the Citrix server, which was vulnerable to CVE-2019-19781.

As of now, we are unsure whether the data posted by the ransomware operators is available for sale, but we will be actively tracking the operators.

— — — — — — — — — — — — — — — — — — — — — — — — — —

Security Chronicle is a team of independent security researchers and a dedicated security news platform to educate netizens and make them aware of security risks & threats.

Email us at “secchronicle@gmail.com”.
