Egg Producer's Data Poached by Ransomware, Will They Shell Out Bitcoin?

Published at: May 19, 2020

Ransomware group Maze claims to have hacked United States egg producer Sparboe in a post on its website.

The website of cybercriminal organization Maze recently published a new entry claiming that the group hacked Sparboe. The post includes sample data that the group claims was stolen from the company.

Maze: A major cybercrime organization

Threat analyst at cybersecurity firm Emsisoft Brett Callow told Cointelegraph that in every hack by Maze so far, the group asked for a ransom in Bitcoin (BTC). There also appears to be no particularly easy and focused way to protect companies from such hacks, as the group uses multiple attack vectors:

“Like other ransomware groups, Maze has been observed to use multiple methods to penetrate corporate networks including malspam, the use of stolen credentials and attacks on misconfigured or unpatched internet-facing systems.”

Maze is known for attacking high-profile companies and ask for particularly high ransoms. Previously, the group threatened to leak millions of credit card numbers after having allegedly hacked Banco BCR, a Costa Rican state-owned bank.

Maze is seemingly following its usual strategy, which includes rendering the victim’s data inaccessible by encrypting it and stealing a copy. Later the group asks for two separate ransoms to restore access to the data for the victim and another one to promise not to leak it.

As Cointelegraph reported in early May, Brett Callow told Cointelegraph about another hack by Maze:

“In a previous case, Maze claimed their demand was $2 million: $1 million to decrypt the victim’s data and an additional $1 million to destroy the copy of it.”

A controversial hack victim

According to Sparboe’s website, the Minnesota chick and egg distributor “hatched in 1954” and, according to company data website Owler, now has an estimated annual revenue of $30 million. The company is a major producer, but in 2011 it was dropped by McDonald’s and Target — one of its biggest clients — after Sparboe found itself in the midst of an animal cruelty scandal.

As CNN reported at the time, animal rights group Mercy for Animals shot an alleged undercover video at three of the Sparboe’s barns in Colorado, Iowa and Minnesota. The footage showed workers mistreating animals for fun, burning beaks and the birds being crammed into crowded cages. McDonald’s said in a statement:

“Regarding the undercover videos, the behavior on tape is disturbing and completely unacceptable. McDonald's wants to assure our customers that we demand humane treatment of animals by our suppliers. [...] It's important to note that the most alarming actions on video did not occur at Sparboe's Vincent, Iowa, facility that supplies McDonald's.”

Tags
Bitcoin
Cryptocurrencies
Ransomware
Malware
Related Posts
Bitcoin Ransomware and Remote Working: What the Future Holds
The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates a fertile land for cybercriminals to thrive on. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats. What is ransomware? Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it …
Technology / Aug. 21, 2020
Ransomware Gangs Are Teaming Up to Form Cartel-Style Structures
Recent ransomware attacks from well-known cybercriminal groups have been suggesting that gangs are forging cartel-style alliances to pressure their respective victims to pay the ransom requests. Cointelegraph has obtained access to what seems to be a darknet site that belongs to the Maze group. On the site, Maze has been leaking stolen data beginning sometime after Sunday. The central feature to highlight is that the gang notes that Ragnar Locker, another ransomware group, provided the info, as the title of the blog post says: “MAZE CARTEL Provided by Ragnar.” Some of the victims listed are United States-based companies. Speaking with …
Bitcoin / June 9, 2020
New Ransomware Employs Never-Before-Seen Attack Method
A new study warns of a new ransomware attack method that runs a virtual machine on target computers in order to infect them with the ransomware. This may play the attack beyond the reach of the computer’s local antivirus software. According to the UK-based cybersecurity firm Sophos, the Ragnar Locker attack is quite selective when choosing its victims. Ragnar’s targets tend to be companies rather than individual users. Almost 1,850 BTC in ransom demanded in a single attack Ragnar Locker asks victims for large amounts of money to decrypt their files. It also threatens to release sensitive data if users …
Technology / May 22, 2020
New Ransomware Uses a Banking Trojan To Attack Governments and Companies
A new type of ransomware attack emerged in recent months, raising red flags among the cybersecurity community and authorities such as the FBI in the United States. Cybersecurity firm Group-IB has warned that it comes in the form of a Trojan, according to a report published on May 17. According to Group-IB’s study, the ransomware is known as ProLock and relies on the Qakbot banking trojan to launch the attack and asks the targets for six-figure USD ransoms paid out in BTC to decrypt the files. The roster of victims includes local governments, financial, healthcare and retail organizations. Among them, …
Bitcoin / May 19, 2020
Maze Hacker Group Claims Infecting Insurance Giant Chubb with Ransomware
Black hat hacker group, Maze, claims to have used ransomware to compromise the systems of insurance giant, Chubb. They also claim to have stolen the firm’s data. Brett Callow, threat analyst at cybersecurity firm, Emsisoft, told Cointelegraph on March 27 that Maze published the claim on its website. While the website does not provide any direct proof of the hack so far, Callow pointed out facts that give the claim an air of credibility: “Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.” Maze’s modus operandi Callow explained that the group usually …
Bitcoin / March 29, 2020