Maze ransomware gang says it has quit the cybercrime business

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Maze ransomware gang says it has quit the cybercrime business

A press release on the website of a notorious cybercrime gang, who stole data from organisations and demanded a ransom be paid for its safe return, says that it is closing down.

The Maze gang not only encrypted files on corporate networks with their ransomware so they could no longer be accessed, they also exfiltrated the data from systems they infected and threatened to release it if a ransom was not paid.

On its website, the Maze had gang warned that they would release to the public and media details of a security breach, sell commercially-valuable stolen information to other criminals, inform stock exchanges about the hack and loss of sensitive information, and use stolen data to attack clients and partners.

Maze victims

Other ransomware (such as REvil, also known as Sodinokibi) witnessed that this was a particularly successful way of squeezing money out of breached companies, and followed a similar strategy.

Sign up to our free newsletter.
Security news, advice, and tips.

But today, the Maze cybercrime group’s main webpage has been replaced with a “press release” announcing that it is curtailing its operations:

Maze announcement

Part of the announcement reads:

“The Project is closed.”

“Maze Team Project is announcing it is officially closed.
All the links to out project, using of our brand, our work methods should be considered to be a scam.”

“We never had partners or official successors. Our specialists do not works with any other software. Nobody and never will be able to host new partners at our news website. The Maze cartel was never exists and is not existing now. It can be found only inside the heads of the journalists who wrote about it.”

“Attention to everyone who wants for its private information to be deleted from our news website. You can contact to Maze support chat. Support will be continued for a month after the press release.”

The rest of the press release is something of a rant. Well done if you can make sense of it. Here’s a sample:

“Crypto currencies are going higher and higher and after some time the price will reach a million dollars for a single coin. When all the coins will be dumped by its owners to buy real money. So all the bitcoins will be concentrated by a few people so they will be able to transform the world to a digital platform by ruining it.”

“With all your recklessness, unawareness and stupidity you are pushing the the world into it. You are slowly turning into a controllable flock. You would not even notice when you will be tagged with chips or your DNA will be the only was to access the new digital world. As it will be the only place you can leave in, to get paid and consume.”

“All your technologies are a symbol of your helplessness. Once going to wheelchair a man will not be able to walk again. And once trusting your mind to a technology you won’t be able to recover your consciousness. By delegation the part of your conscious activity to machines you won’t be able to watch at the reality with the clear eye.”

“You are calling the ones who are killing your mind as your friends and support. And you also calling the ones who are showing you your weakness as the foes and mobsters. The modern world is confusing the cause and the effect, the good and the evil.”

“Think about it. Try to prevent it. You think that the modern world is a hell. But it’s just coming and you are doing much for it.”

“We will be back to you when the world will be transformed. We will return to show you again the errors and mistakes and to get you out of the Maze.”

So there you go.

Past victims of the Maze ransomware have been many and varied, and include Xerox, multinational IT services giant Cognizant, as well as law firms and medical research organisations.

Goodbye Maze. We would be lying if we said that we weren’t pleased to see the back of you.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

7 comments on “Maze ransomware gang says it has quit the cybercrime business”

  1. Maryann Campbell
  2. Driod

    By delegation the part of your conscious activity to machines you won’t be able to watch at the reality with the clear eye.” Ain't this true. But how many today want to leave in reality.

  3. Angel Prissadnikov

    Project finished? Care about our consciences?
    Do we really believe that they will throw away all the hacking tools and start a life away from the machines?

  4. JezT

    Or they've been successful enough to retire to the Caribbean and know when to call it quits before the worlds law enforcement agencies pick up the trail.

  5. Erik Holmgren

    By allowing the cybersphere to control virtually every aspect of our existence, we have given control to those who will take it for their own benefit. Law enforcement is being made increasingly irrelevant by cybercriminals who can be across the planet or next door. It will get worse.

    Thank you for the front row seat to your demise.

  6. john mark madale

    Well not really, coz according from the news I've read, maze ransomware group is still up and to ensure all their victims will pay ransoms cybercriminals have added blackmailing on their arsenal. I've read it from here https://www.cybersecasia.net/news/targeted-ransomware-groups-such-as-maze-trending-in-southeast-asia

    1. Graham CluleyGraham Cluley · in reply to john mark madale

      That article is dated October 2020, which is earlier than the "retirement" announcement.

      I'm not saying, of course, that criminal gangs can be entirely trusted in their announcements…

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.