Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- Cracking the Code: How Banshee Stealer Targets macOS Users
January 9, 2025
Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption taken from Apple’s XProtect, likely causing antivirus detection systems to overlook the malware. Threat actors distributed ...
- Google Chrome AI extensions deliver info-stealing malware in broad attack
January 9, 2025
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates. Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the ...
- Italian digital identity provider suffers data breach, 5.5M customers affected
January 7, 2025
InfoCert has had millions of its customers’ personal data stolen and put up for sale. A leading European certification authority and provider of digital identity services such as Italy’s SPID (Public Digital Identity System), InfoCert posted a public notice on its website detailing the data breach on December 27. However, the notice has since been taken ...
- ICAO ‘investigating’ security breach after hacker claims theft of personal data
January 7, 2025
UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data The International Civil Aviation Organization (ICAO), a United Nations agency that defines international operating standards for civil aviation, has confirmed it’s investigating a cybersecurity incident. In a statement published on Monday, ICAO said it is “actively investigating reports of a potential information security ...
- China protests US sanctions for its alleged role in hacking, complains of foreign hacker attacks
January 7, 2025
China has slammed a decision by the U.S. Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical U.S. infrastructure, while the Chinese cyber security agency complained Monday of attacks on Chinese networks. Asked about the sanctions against Beijing-based Integrity Technology Group, Chinese Foreign Ministry spokesperson Guo Jiakun said ...
- EAGERBEE, with updated and novel components, targets the Middle East
January 6, 2025
In recent investigation into the EAGERBEE backdoor, kaspersky researchers found that it was being deployed at ISPs and governmental entities in the Middle East. The researchers analysis uncovered new components used in these attacks, including a novel service injector designed to inject the backdoor into a running service. Additionally, Kaspersky team discovered previously undocumented components (plugins) ...