Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- Massive COMB data breach reveals info on over a billion people
May 14, 2024
Someone is combining information on Chinese citizens leaked in different data breaches into a single database, and has so far made more than 1.2 billion records. This compilation of many breaches (COMB) contains plenty of sensitive user information, including phone numbers, postal addresses, ID card numbers, and more. Researchers claim they spotted an unprotected database on ...
- Christie’s £670m art auctions hit by cyber attack
May 14, 2024
Auction house Christie’s attempts to sell art and other high-value items worth an estimated $840m (£670m) are being hampered by a cyber attack. Lots ranging from a Vincent van Gogh painting, valued at $35m, to rare wine are going under the hammer in its spring auctions. Would-be buyers are unable to view them on its website ...
- Ireland: More than 470 legal proceedings issued against health service after ransomware hit
May 14, 2024
More than 470 legal proceedings have been issued against the Health Service Executive (HSE) in relation to a cyber attack that shutdown the health service’s IT systems and compromised the data of thousands of patients and staff three years ago. Conti, a Russia-based cybercrime group, launched its ransomware attack on the health service on May 14th, ...
- Foxit PDF “Flawed Design” Exploitation
May 14, 2024
In the realm of PDF viewers, Adobe Acrobat Reader reigns supreme as the industry’s dominant player. However, while Adobe Acrobat Reader holds the biggest market share, notable contenders are vying for attention, with Foxit PDF Reader being a prominent alternative. With more than 700 million users located in more than 200 countries and significant customers in ...
- QakBot attacks with Windows zero-day (CVE-2024-30051)
May 14, 2024
In early April 2024, Kaspersky researchers decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild. While searching for samples related to this exploit and attacks that used it, they found a curious document uploaded to VirusTotal on ...
- Millions of Messages Distribute LockBit Black Ransomware
May 13, 2024
Beginning April 24, 2024 and continuing daily for about a week, Proofpoint observed high-volume campaigns with millions of messages facilitated by the Phorpiex botnet and delivering LockBit Black ransomware. This is the first time Proofpoint researchers have observed samples of LockBit Black ransomware (aka LockBit 3.0) being delivered via Phorpiex in such high volumes. The LockBit ...