Maze Ransomware adds Ragnar Locker to its extortion cartel
Another ransomware group has partnered with Maze Ransomware, Ragnar Locker, to utilize their data leak platform. Last week, it was discovered that LockBit ransomware had teamed up with the Maze operator. The massive data leak platform is used to extort victims whose files were stolen in a ransomware attack by one of the groups, threatening to publish unencrypted files in the public database if the ransom is not paid.
Maze, LockBit, and Ragnar Locker are now reportedly sharing intelligence to drive successful extortions, essentially creating a new threat actor group where competing ransomware operations collude with each other to increase the effectivity of their attacks. Maze ransomware operators stated that cooperation will lead to a “mutually beneficial outcome.”