Skip to main content

IT Services Giant Cognizant Hit by Maze Ransomware Cyber Attack


IT Services Giant Cognizant Hit by Maze Ransomware Cyber Attack


Cognizant Technology Solutions Corp, one among the most important IT services providers hit by Maze Ransomware Cyber Attack which causes service disruptions to its clients.

The company has quite 300,000 employees and it provides IT services, including digital, technology, consulting, and operations services.
Maze Ransomware Attack – Cognizant

The company started emailing their client on Friday, stating that their internal systems hit by Maze ransomware attack.

“Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for a few of our clients, is that the results of a Maze ransomware attack,” reads the corporate statement.

 High alert associated with the yet one more ransomware attack perpetrated by the Maze group possibly affecting @Cognizant.

 Reviewing & mitigating against the standard Maze TTPs (including RDP + remote services as an attack vector) is advisable.

 ✅Pushed #YARA↘️https://t.co/qcUY464fSf pic.twitter.com/z2zHL5apkm
 — Vitali Kremez (@VK_Intel) April 18, 2020

The company said that they need implemented internal security related to leading cyber defense firms and “taking steps to contain this incident”.

They also engaged with the enforcement authorities, consistent with the statement posted to its website on Saturday.

 – April 11 a threat actor offers to sell access to an enormous IT company for $200,000.

 – April 17th he closes the thread saying it's not relevant anymore.

 – April 18th, Cognizant suffers a Ransomware by Maze.

 Is it possible Maze bought that access and Cognizant was the company? https://t.co/IZlB82Bfd7
 — Under the Breach 🦠 (@underthebreach) April 18, 2020

The company has informed their “clients and have provided them with Indicators of Compromise (IOCs) and other technical information of a defensive nature”.

 Cognizant sending emails to their clients "stating that that they had been compromised" including a hash of a ~fresh Maze ransomware sample then Maze denies it?
 ðŸ¤” pic.twitter.com/9AEWWLpg8t
 — MalwareHunterTeam (@malwrhunterteam) April 18, 2020

The maze ransomware was first observed in May 2019, operators behind the maze ransomware are known for stealing unencrypted files before encrypting them.

Then by using the stolen files, the operators will threaten the victims to pay the ransom or they're going to release the info .

Unlike other ransomware operators who use social engineering and spam email campaigns to attack targeted systems, the maze ransomware operators use exploit kits to put the foothold.

“If the Maze operators conducted this attack, they were likely present in Cognizant’s network for weeks, if not longer,” said Bleeping computer, who first reported the incident.

Once the encryption completed each file gets appended with different extension along side the first extension and therefore the desktop wallpaper get’s changed to below.

Maze ransomware developed by skilled developers, they include variety of stealthy mechanisms and it poses an enormous threat to individuals and enterprises.

The ransomware attacks now become a simple and malicious way of robbing individuals and company’s can cost billions of dollars to not mention the privacy and safety implications.

Comments

Post a Comment

Popular posts from this blog

Alert for Weaponized TeamViewer Installer that delivers njRAT

Alert for Weaponized TeamViewer Installer that  delivers  njRAT   Hazard actors relying on legitimate, 9aaf3f374c58e8c9dcdd1ebf10256fa5 software Team Viewer for exploitation has been a totally commonplace situation. There have been numerous cases in which risk actors used 9aaf3f374c58e8c9dcdd1ebf10256fa5 software to deliver malware to the sufferers. In addition, a latest file from Cyble research & Intelligence Labs stated that the maximum popularly used remote computing device support software program, “Team Viewer” has been exploited by threat actors to deliver njRAT malware. Other software that become turning in njRAT malware include Wireshark, system Hacker, and so on., NJ RAT is a far flung get admission to Trojan that could perform keylogging, password stealing, facts exfiltration, gaining access to webcams, and microphones, downloading extra documents, and plenty of others. It changed into first determined in 2012 and was attacking companies in middle Japanese c...
Post a Comment
Read more

SIM swap attack permits Hackers Port a phone quantity to a brand new SIM to Hack WhatsApp & Evasion 2FA.

SIM swap attack permits Hackers Port a phone quantity to a brand new SIM to Hack WhatsApp & Evasion 2FA. Cybercriminals are actively performing SIM swap attacks in diverse international locations to bypass 2 things Authentication and to compromise the numerous social media apps which include WhatsApp through porting a sufferer’s smartphone number to a brand new SIM card. This widespread assault brought on economic damages, stolen credentials, and seizes OTPs to bypass victims’ online money owed. There are various fraud facilities and thousands of operators are running round the arena to seamlessly port a cell phone wide variety to a new SIM with an excessive achievement ratio.   In this situation, countries like Brazil and Mozambique have an excessive fee of SIM swap fraud the use of various social engineering strategies, and phishing attacks. A hit tries of this assault allow fraudsters take manage of clients’ telephone numbers with a purpose to get hold of mobile money tran...
Post a Comment
Read more

Former protection Engineer Arrested for Stealing $9 Million from Crypto alternate.

  Former protection Engineer arrested for stealing $9 Million from Crypto alternate. Shakeeb Ahmed, a former safety engineer, has been arrested for defrauding a decentralized crypto trade and stealing over $nine million. A digital currency trading, also known as a crypto currency alternate (DCE), is an enterprise that permits individuals to trade crypto currencies or digital currencies for different property, inclusive of conventional fiat money or other digital currencies. This marks the first crook case involving a smart agreement operated via a decentralized alternate. Vulnerability in Crypto exchange’s clever Contracts In July 2022, Ahmed took gain of vulnerability in clever contracts and inserted fake pricing facts, ensuing in fraudulent gains of about $9 million. He also utilized “flash loans” to defraud the crypto trade. Using his specialised capabilities as a senior protection engineer, he forcefully carried out the assault through reverse engineering smart contracts ...
Post a Comment
Read more