IT services giant Cognizant suffers Maze Ransomware cyber attack

Mahesh Sudula

Mahesh Sudula

Level 17
Thread author
Verified
Top Poster
Well-known
Sep 3, 2017
818
Content source
https://www.bleepingcomputer.com/news/security/it-services-giant-cognizant-suffers-maze-ransomware-cyber-attack/
Officially confirmed from CEO..I work for CTS. Clients are revoking WFH access to contain this incident.
------------------------------------------------------

Information technologies services giant Cognizant suffered a cyber attack Friday night allegedly by the operators of the Maze Ransomware, BleepingComputer has learned...
Cognizant is one of the largest IT managed services company in the world with close to 300,000 employees and over $15 billion in revenue.

As part of its operations, Cognizant remotely manages its clients through end-point clients, or agents, that are installed on customer's workstations to push out patches, software updates, and perform remote support services......

IOCs
IOCs.png


Network

Domain mazedecrypt.top

IP 91.218.114.11

IP 91.218.114.25

IP 91.218.114.26

IP 91.218.114.31

IP 91.218.114.32

IP 91.218.114.37

IP 91.218.114.38

IP 91.218.114.4

IP 91.218.114.77

IP 91.218.114.79
 
  • Like
  • +Reputation
Reactions: Fel Grossi, upnorth, Antus67 and 2 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
The Maze miscreants may not have been the ones to actually compromise the Cognizant network, though. Monitoring service Under the Breach claimed its team spotted someone selling access to an unnamed "major IT provider" for $200,000 roughly a week before the intrusion was revealed, leading it to speculate the Maze crew purchased access to Cognizant's systems from another hacker who performed the task of actually breaking into the network.

The strategy of leaking data if its demands aren't met is one favored by the ransomware gang, leading to a new threat for organizations that would otherwise just wiped the ransomware-infected devices and restored from backups without paying the ransom. Additionally, the Maze ransomware is particularly well-written and difficult to thwart with technical means.
Click to expand...

Bad news: Cognizant hit by ransomware gang. Worse: It's Maze, which leaks victims' data online after non-payment

IT services biz warns customers could be at risk of infection, too
www.theregister.co.uk www.theregister.co.uk
 
  • Like
  • Sad
Reactions: Antus67, Fel Grossi, Mahesh Sudula and 3 others
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
    • +Reputation
Shutterfly services disrupted by Conti ransomware attack
Replies
0
Views
542
News Archive
[correlate]
[correlate]
silversurfer
    • Like
    • Wow
    • +Reputation
Electronics retail giant MediaMarkt hit by ransomware attack
Replies
1
Views
1,168
News Archive
Berny
Berny
silversurfer
    • Like
    • Sad
    • +Reputation
Finnish IT services giant TietoEVRY discloses ransomware attack
Replies
1
Views
1,470
News Archive
Wasar
Wasar

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top