You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Chipmaker Exposed in Maze Attack

Maze has struck again. This time stealing sensitive data from a computer chipmaker.

The Maze Ransomware team has struck again.

Maze on a tear

This time it's semiconductor manufacturer MaxLinear (NYSE: MXL). The company reported details of the attack to the SEC and the California Attorney General. Unfortunately, the Maze team spent plenty of time in the company's network stealing files before being discovered. (Maze has been busy, like here and here.)

Our investigation to-date has identified evidence of unauthorized access to our systems from approximately April 15, 2020 until May 24, 2020. - letter to California AG

And to be fair, the attackers were only discovered when they were ready to announce themselves. Once they've taken the data desired, they can then launch their Ransomware, announcing their presence with a financial demand.

We have no plans to satisfy the attacker’s monetary demands.

MaxLinear says they will not be paying the ransom, though this is still a difficult decision. In typical form, the Maze team has started releasing sensitive files to force payment. And this is has become a go-to strategy for hackers, just like here and here.

On June 15, 2020, the attacker released online certain proprietary information. -SEC filing

Now the company is left with exposed employee data and vulnerable intellectual property.

For manufacturers, exposure of trade secrets, intellectual property and R&D plans can be catastrophic.

It's time to protect your team and your assets from these attacks.

Are you ready to take action?
You already have a lot on your plate, so we make it easy. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) team here!

Original article here.
[https://securityboulevard.com/2020/06/maxlinear-discloses-maze-ransomware-attack-that-compromised-employee-data/]
Letter produced for California AG here.
[https://oag.ca.gov/system/files/Consumer_Letter%20%2820200610%29.pdf]
SEC Filing here.
[https://www.sec.gov/Archives/edgar/data/1288469/000128846920000139/mxl-20200616.htm]

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.