The ransomware is a virus that takes devices hostage, encrypts the files contained and to get them back you have to pay a redemption to cyber criminals. Among the encrypted files, in fact, there appears one named DECRYPT-FILES.txt containing the instructions to pay the ransom and purchase the private key needed to decrypt the files. To try to seem more plausible, the message that Maze distributes relies on three domains, registered a few days ago, which might seem legitimate to a distracted eye but in reality they are not: it is agencyentrateinformazioni.icu, agenziaentrate.icu and Agenziainformation .icu.
Fraud false e-mails on electronic billing, alert of the Revenue Agency
At the moment a tool to defend oneself has not been created, therefore prevention is needed. The first step is to update both the antivirus and the operating system, in addition of course to the version of Flash Player installed on the computer, given that Maze just exploits a vulnerability in these Adobe software. Then it is important to periodically perform a data backup, ie a copy of your files to be restored in case of attack. Finally, verify that every email actually arrives from the indicated sender: in this case, the domains used do not belong to the Revenue Agency.