Maze Ransomware Now Available for Attack Simulation

Mar 17, 2020 6:00:00 AM |


Social Share:

Remote Work and Increased Cyberattacks


While the world implements social distancing and turns its eyes toward the internet in search of the latest news on the COVID-19 pandemic, hackers are seizing the opportunity and increasing phishing campaigns and other cyberattacks.

Companies following CDC guidelines and asking employees to exercise social distancing by working remotely (often referred to as "telecommuting") may be at an increased risk for cyberattacks during the pandemic. For many organizations, telecommuting is uncharted territory. Unpatched or outdated virtual private network (VPN) software, malicious emails, and vulnerabilities in Wi-Fi networks pose some of the greatest risk to telecommuters. In some instances, threat actors are leveraging coronavirus in phishing email campaigns to prompt victims to click malicious links.

Six New Ransomware Variants Added to Threat Runner

Last week, we added six new ransomware variants to Threat Runner: Maze, Ako, Clop, Snake/Ekans, MegaCortex, Fuxsoy. These six new variants, responsible for a spate of recent attacks, are now available for simulation on organizations, large and small. As the COVID-19 pandemic continues, we are actively working to identify and de-weaponize the prominent coronavirus themed malware present in the threat landscape.Our team of practitioners and software developers consistently work to identify and reverse engineer leading malware variants to make them available for attack simulation with Threat Runner. Coronavirus has not impacted these ongoing efforts. 

“Our goal is to empower the client—to get them the resources they need to make necessary changes and protect their network,” said Kendall Blaylock, director of cyber intelligence and product development at HORNE Cyber. “We created Threat Runner so that organizations can affordably test against real ransomware. As we saw with the recent Snake/Ekans attack that forced a two-day shutdown of a natural gas facility, it’s critical that organizations of all sizes take an offense-oriented approach to cybersecurity.”

Incorporating new ransomware variants, such as Snake/Ekans and Maze, helps organizations stay up to date on ransomware preparedness by simulating these de-weaponized ransomware variants, strengthening their security posture and mitigating the risk of damage of a potential attack. 

Threat Runner client Adam T. Morrison, Director of IT Engineering at Pearl River Resort, stated:

“HORNE Cyber’s Threat Runner provides peace of mind by allowing us to safely test those protective security measures. Without Threat Runner we would be forced to take a ‘wait and see’ security stance and that is not a posture we are willing to take.”

Ransomware Doesn't Sleep, Test Your Preparedness Today

An unprecedented pandemic is not the only thing threatening to close business doors. Ransomware, especially in times of public concern, continues to play a detrimental role in the privacy, integrity, and availability of organizations' data. For as little as $750, you can begin simulating authentic ransomware attacks on your organizations network, improving your security posture and mitigating the risk of damage caused by a potential attack.

To download and start running Threat Runner, visit If you have questions about Threat Runner or would like more information, please contact Kendall Blaylock, director of cyber intelligence and product development, at