Hacker Group Claims To Have Used Ransomware Against Insurance Giant ‘Chubb’

By Kapil Gauhar

Maze hacker group claims to have utilized ransomware to compromise the systems of insurance giant, Chubb. They additionally guarantee to have taken the company’s data.

Brett Callow, who is the threat analyst at cybersecurity firm, Emsisoft, told in an interview on March 27 that Maze published the claim on its website. While the site doesn’t give any immediate verification of the hack up until now, Callow brought up realities that give the claim an air of credibility –

“Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.”

Maze’s Usual Way of Doing Things

Callow clarified that the group normally first claims the hacks after successful attacks and afterward — in case the casualty doesn’t pay — they publish a small amount of the stolen information as verification of the hack. Now, in case the compromised entity still doesn’t pay, Maze will begin publishing more and more sensitive data –

“Should the company still not pay, more data is published, sometimes on a staggered basis, to ramp up the pressure. In previous cases, the criminals have also published the data on Russian cybercrime forums with a note to ‘Use this information in any nefarious ways that you want.’ In one previous incident, the group demanded $1 million to decrypt a company’s data plus an additional $1 million to destroy the copy that had been stolen.”

Maze, in February, compromised US law firms and requested two 200 Bitcoin ransoms in exchange for restoring information and erasing extra copies of their files. The ransom sum demanded from Chubb isn’t presently known.

As indicated by company data site, Owler, Chubb is an insurance provider headquartered in Zurich with 32,700 workers and a yearly revenue of $34.2 billion. The firm didn’t answer the inquiry by press time.

A Sorted Hacker Group

Maze is an especially notorious and efficient cybercriminal group. Callow additionally disclosed in an interview that “Maze was the first ransomware group to steal and publish data, and it is a strategy that other groups have since adopted.”

Maze likewise publishes press releases on the same site where stolen information is published. Those announcements intently take after the statements released by standard organizations, in spite of the fact that they regularly contain syntactic mistakes. In one such official statement — published on March 22, 2020 — the group claims that it carries on its activities trying to focus on the absence of cybersecurity. The press release reads –

“We want to show that the system is unreliable. The cybersecurity is weak. The people who should care about the security of the information are unreliable. We want to show that nobody cares about the users. […] Some people like Julian Assange or Edward Snowden were trying to show the reality. Now it’s our turn. We will change the situation by making irresponsible companies pay for every data leak.”

The declaration likewise guarantees that the public will hear progressively about successful cyber attacks by the group later on. In another declaration — dated March 18, 2020 — the Maze hacker group additionally guaranteed that the firms they hack in the midst of the pandemic will have right to a rebate in the ransom –

“Due to the situation with the incoming global economy crisis and virus pandemic, our Team decided to help commercial organizations as much as possible. We are starting an exclusive discount season for everyone who has faced our product. Discounts are offered for both decrypting files and deleting of the leaked data. To get the discounts our partners should contact us using the chat or our news resource.”