Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain showed an uptick in attacks, with the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Source: Kaspersky

