Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- Billion-dollar financial giant EquiLend hit by cyberattack
January 25, 2024
EquiLend, a global financial technology, data and analytics firm, suffered a cyberattack – possibly ransomware – that forced parts of its digital infrastructure offline. In a press release, EquiLend said that on January 22, 2024, its technicians identified a “technical issue that placed portions of our system offline.” Following an investigation, the company identified a cybersecurity ...
- Another Phobos Ransomware Variant Launches Attack – FAUST
January 25, 2024
The Phobos ransomware family is a notorious group of malicious software designed to encrypt files on a victim’s computer. It emerged in 2019 and has since been involved in numerous cyber attacks. This ransomware typically appends encrypted files with a unique extension and demands a ransom payment in cryptocurrency for the decryption key. FortiGuard Labs has ...
- Russian hackers attack Ukraine MoD resources
January 25, 2024
Cyber attacks by Russian government-funded groups on the resources run by the Ministry of Defense using phishing, distribution of remote code execution malware, and blocking of access to web resources have been recorded. “Last day, attacks on Ukraine’s government and commercial sectors were recorded. Also, attacks by Russia-funded hacker groups were launched on the resources of ...
- Mexican Banks and Cryptocurrency Platforms Targeted With AllaKore RAT
January 24, 2024
A financially motivated threat actor is targeting Mexican banks and cryptocurrency trading entities with custom packaged installers delivering a modified version of AllaKore RAT – an open-source remote access tool. Lures use Mexican Social Security Institute (IMSS) naming schemas and links to legitimate, benign documents during the installation process. The AllaKore RAT payload is heavily modified ...
- Veolia North America hit by ransomware attack
January 24, 2024
A department in Veolia North America, a transnational company offering water, energy and waste recycling management services, suffered a ransomware attack which resulted in the theft of some personal data, and forced the company to take parts of its infrastructure offline. In a press release published on the Veolia website, the company confirmed its Municipal Water ...
- UK: Cybercriminals claim to have stolen data from Southern Water
January 24, 2024
Cybercriminals claim they have stolen data from a water company’s IT systems. Southern Water, which has hundreds of thousands of customers in Kent, says it has detected suspicious activity and launched an investigation led by cybersecurity experts. But it says there is no evidence to suggest “customer relationships or financial systems” have been affected. In a ...