[BreachExchange] Maze used to attack big Thai beverages company

Destry Winant destry at riskbasedsecurity.com
Tue Jul 28 10:25:36 EDT 2020


https://itwire.com/security/maze-used-to-attack-on-big-thai-beverages-company.html

Malicious attackers have used the Maze Windows ransomware to attack
the Thai Beverage Public Company and advertised the fact on the dark
web.

It appears that the company has yet to reject the ransom demand held
out by the gang as no data collected during the attack has yet been
made public by the attackers.

This is the second attack using Maze on a Thai company. Thailand's
Provincial Electricity Authority was hit on 22 June.

The Electricity Generating Authority of Thailand has three thermal
power plants, six combined cycle power plants, 24 hydropower plants,
eight renewable energy plants, and four diesel power plants, according
to Wikipedia.

A large proportion of the electricity generated by EGAT is sold to the
Metropolitan Electricity Authority, which supplies the Bangkok region.
The Provincial Electricity Authority supplies the rest of Thailand.

The attack on the Thai Beverage Public Company advertised on the Maze
website on the dark web.

Thai Beverage Public Company is based in the capital, Bangkok, and has
registered capital amounting to 29 billion baht (A$1.29 billion) with
paid-up capital of 25.11 billion baht which consists of the same
number of shares issued at one baht each.

The company has beverage groups in Singapore, Cambodia, Malaysia,
China and Thailand. In the west, it has interests in the US, UK, Hong
Kong. Subsidiaries have also been opened in Vietnam and East Timor.

Maze is used widely by a variety of attack groups and was used to
attack the global technology firm Pitney Bowes.

Other attacks of note have been on the Texas foundry group X-FAB, a
Thailand power authority, the Belgian accounting firm HLB, the global
dfence group ST Engineering and the Sydney strata management company
Strata Plus.


More information about the BreachExchange mailing list