Windows Maze: Criminals Use Ransomware To Attack Indian Highways Authority


Cybercriminals have used the Maze ransomware, which attacks Windows systems, to hit the infrastructure of an Indian public sector body, the National Highways Authority of India (NHAI), and have released the data that they stole before encrypting it on the website.

The NHAI was set up in 1988 by an act of Parliament and is mandated to develop, manage and maintain the national highways in India. Via the roads under its purview, it constitutes 2% of the total arterial roads for inter-state movement of passengers and goods in the country and carries nearly 40% of the traffic. The national highways total nearly 132,499 kilometres of road.


The data released by the Maze attackers indicates that the NHAI has not yet responded to the ransom note, which is generally generated on a system that has been hit. The attack was first made public on the 2nd of July, 2020. The note provides victims with a contact email and lists the amount demanded to decrypt the data and destroy what was stolen. The Maze ransomware is widely used by a variety of attack groups and was used to hit the global technology firm Pitney Bowes.

Other attacks hit the Texas foundry group X-FAB, a Thailand power authority, the global defense group ST Engineering, the Belgian accounting firm HLB, the well-reputed Indian sweets manufacturer Haldiram’s, the Sydney strata management company Strata Plus and, finally, the technology consulting company Cognizant.


Maze is known to first exfiltrate data from a victim and then encrypt the data on the website. A ransom note is then generated on the infected systems. If the victim pays the ransom, a decryption key is sent to the victim, the stolen data is deleted, and the matter is closed. In such cases, most victims opt out of the payment. This is when the attackers release a small portion of the data that has been exfiltrated.

More data is released as time passes and the situation progresses, eventually adding up to a large amount. Finally, if the victim shows no interest in any of this and still decides not to pay, the data is dumped on various cybercrime forums on the dark web, where people hunting for those details can use them for any purpose, including illegal ones. The NHAI cannot be contacted, as it offers no email address on its website for this or any other purpose.

Source: iTWire
