News

Maze operators attacked medical company, which is testing vaccine for COVID-19

Maze ransomware operators attacked Hammersmith Medicines Research (HMR), a medical research company, which is testing a possible vaccine for COVID-19.

The company refused to pay a ransom to unlock the computer systems, and as a result, personal data of thousands of former patients leaked to the Network.

According to Computer Weekly, Maze operators have published secret medical and personal information, including medical questionnaires, passport copies, driver’s licenses and national insurance numbers for more than 2,300 patients of the organization.

“The criminals behind the Maze ransomware attacks have struck again, stealing data from a victim and then publishing it online to get them to pay the ransom demanded. A medical facility on standby to help test any coronavirus vaccine has been hit by a ransomware group that promised not to target medical organizations”, — reports Forbes with the link on Computer Weekly.

The attack occurred only a few days after the criminal group publicly announced the cessation of attacks on medical research organizations and companies during the coronavirus pandemic. The criminals kept their promise for only three days. HMR IT staff discovered a cyberattack on March 14 and by the end of that day was able to stop it and resume computer systems and email.

HMR did not disclose how Maze could access its network. According to Troy Mursch, co-founder of Bad Packets, Hammersmith Medicines Research used a Fortinet VPN server, which could contain a vulnerability that allowed Maze to hack. Infosecurity professional, John Opdenakker, is not at all surprised that the Maze actors broke this so-called promise.

“Financial gain is, unfortunately, the only motive for criminal actors. They also know that medical organizations are currently in a very vulnerable situation due to the coronavirus outbreak, which only increases the probability that they’ll pay the ransom”, — says the Opdenakker.

The FBI has already warned of a significant surge in COVID-19 scams, for example we wrote that the Attackers Spread Fake Coronavirus Android Tracker, and championship in “licensed” hacking Pwn2Own passed in virtual environment Due to COVID-19.

At the same time, security provider Emsisoft, in collaboration with Coveware, announced that they would provide a completely free ransomware recovery service for critical hospitals and other healthcare providers. This includes developing a decryption tool whenever possible.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
James Brown

Technology news writer and part-time security researcher. Author of how-to articles related to Windows computer issue solving.

View Comments

  • […] However, cybercriminals take advantage of the panic associated with the pandemic with all means, for example, Maze operators attacked medical company, which is testing vaccine for COVID-19. […]

  • […] example, some attackers spread fake coronavirus android tracker, and, say, Maze operators attacked medical company, which is testing vaccine for […]

  • […] promised to decrypt the data free if the attack accidentally affects doctors. However, Maze soon violated their Robin Hood […]

  • […] Maze and DoppelPaymer operators promised not to attack medical facilities during the pandemic, but Maze soon broke these promises. DoppelPaymer, as we see, did not attack doctors, however, due to this criminals do not cease to be […]

  • […] Also note that the operators of Maze and DoppelPaymer ransomware suspended attacks on medical organizations. However, one of them soon broke the promise. […]

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

1 day ago