By 
On Monday, the operators of the Maze ransomware published tens of GB of internal data from the networks of electronic behemoths LG and Xerox in the aftermath of two botched extortion attempts.
The cybercriminals leaked 50.2 GB they claim to have pinched from LG’s internal network, and 25.8 GB of Xerox data.
Both of the recent leaks have been teased since late June. Essentially known for its eponymous ransomware, the Maze gang typically operates by breaking into corporate networks, stealing sensitive files and encoding data, followed by a ransom demand to decrypt files.
In the event of a victim’s refusal to pay the fee to decrypt their files, the Maze gang creates an entry on a “leak website” and intimidates to publish the victim’s sensitive data in a second form extortion effort.
Then, a few weeks’ time is given to the victim to consider its decision, and if they don’t concede during this second coercion attempt, the Maze gang will publish files on its portal.
LG and Xerox are at this last stage, after seemingly declining to meet the Maze gang’s demands.
Based on screenshots shared by the Maze gang last month, the data seems to comprise source code for the firmware of various LG products, such as phones and laptops.
The Maze gang, in an email in June, wrote that they did not perform their ransomware on LG’s network, but they only stole the company’s patented data and chose to skip to the second phase of their extortion attempts.
“We decided not to execute [the] Maze [ransomware] because their clients are socially significant and we do not want to create disruption for their operations, so we only have exfiltrated the data,” the Maze gang wrote.
When contacted for a comment in June, the LG security team said they would probe the incident and report any interruption to authorities.
