Ransomware gang, Maze, strikes again. This time, the victim is a US-based independent advisory firm specializing in the consumer and retail sectors. They have a number of big clients including businesswoman and former Spice Girl, Victoria Beckham.

Maze’s official dark web blog lists Threadstone Advisors, LLC as one of their victims following an attack within the last 24 hours.

Threadstone Advisors, LLC worked with Victoria Beckham to establish an investment liaison with NEO investment partners. Among the advisory firm’s clients are Charles S. Cohen, Pittsburgh Brewing Co., and Xcel Brands. 

Stolen data leak is “coming soon”

As of press time, Maze has leaked information belonging to Threadstone’s managing director, Joshua Goldberg. The group claimed that proof of further stolen data is “coming soon,” according to the announcement.

Such a threat could mean that the company has not paid the ransom demanded by the gang, and there is also no information on how much money in cryptos was requested.

Cointelegraph reached out to representatives from Threadstone Advisors, LLC, but have not yet received a response. We will update this article with comments accordingly.

Brett Callow, thread analyst at malware lab Emsisoft, told Cointelegraph:

“The fact that other ransomware groups have adopted Maze’s encrypt-and-exfiltrate double-whammy style of attack likely proves that the strategy works and, consequently, it will probably eventually be adopted by those groups which do not currently steal data. Of course, the strategy will be more effective in some cases than in others. Companies which hold highly sensitive information relating to their clients - such as an M&A advisory - may be more inclined to pay to prevent their data being posted online than other businesses.”

Ransomware gangs are getting more aggressive

The cybersecurity expert warns that the tactics employed by ransomware groups like Maze are becoming “ever more extreme”. He states that hackers are weaponizing stolen data via threats against business partners, clients, and to harm companies ’reputations.

Callow adds the following:

“This may be a natural evolution, or it may be a response to the Covid-19 pandemic. With so many companies facing financial challenges, fewer may be able or willing to pay ransom demands resulting in the groups seeking to exert additional pressure in an attempt to increase their conversion rate.”

ST Engineering Aerospace’s US subsidiary recently suffered a ransomware attack, reportedly by Maze, that managed to extract about 1.5TB of sensitive data from the firm and its partners.

The gang also claimed to have hacked United States egg producer, Sparboe, in a post on its website. The blog post includes sample data that the group claims was stolen from the company.