Cyber Crime

Maze Ransomware Operators Shutting Down Their Operations

In a bizarre announcement, the Maze ransomware gang revealed that their only aim was to reveal the security lapses at their targets. 

The Maze ransomware operators launched several devastating cyber-attacks throughout 2020, the most recent targets being Cognizant in April, San Antonio Aerospace in June, Xerox in July, and Canon in August. Their targets suffered severely as a large volume of data was encrypted.

Now, the group that pioneered the double extortion technique has announced to shut down its operations for good. They claim that their acts were targeted towards organizations having lax security.



The gang was identified in May 2019; it specializes in infecting systems, encrypting files, and demanding a ransom in exchange for the files. However, the group claims that it is different from other groups as it only threatened the target to leak the stolen information only if they don’t pay the ransom. Other groups, such as REvil, Ryuk, and Mount Locker, all started following a similar modus operandi after taking inspiration from the Maze ransomware gang.

The press release published on their official website stated that they were closing the project.

“The Project is closed. Maze Team Project is announcing it is officially closed. All the links to our project, using of our brand, our work methods should be considered to be a scam.”

“We never had partners or official successors. Our specialists do not works with any other software. Nobody and never will be able to host new partners at our news website. The Maze cartel was never exists and is not existing now. It can be found only inside the heads of the journalists who wrote about it [sic].”

Their shutdown was expected as rumors had been circulating across the cybersecurity community for quite some time. On November 1, 2020, the group made it official by releasing a somewhat bizarre screed.

They stated that apart from closing its operations, the website where it posted the data leaks from its different attacks will not be updated. If anyone wants their private data removed, they can contact Maze’s support chat until the next month.



In a lengthy farewell statement, the Maze operators stated that they set up this project because the world was becoming too reckless, indifferent, stupid, lazy, and organizations needed to take cybersecurity and secure data storage seriously.

Press release published by Maze ransomware gang.

Victims of Maze ransomware:

There are several victims of the infamous Maze ransomware operators however names of some major ones are mentioned below:

Canon Inc
Sonatrach
LG Electronics
Banco de Costa Rica
VT San Antonio Aerospace (VT SAA)

Westech International (Nuclear contractor)



To Top

Pin It on Pinterest

Share This