Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- UK: National Grid plots ‘honeypots’ to catch hackers as cyber attacks ramp up
August 30, 2023
National Grid is to set “honeypots” and plant false documents online as part of efforts to counter a surge in cyber attackers. The Grid has advertised a contract worth more than a million pounds to secure advanced cyber “deception” technology to help improve its digital defences. The London-listed infrastructure provider, which runs Britain’s electricity network and ...
- CISA and FBI Publish Joint Advisory on QakBot Infrastructure
August 30, 2023
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity and malware. QakBot—also known as Qbot, Quackbot, Pinkslipbot, and TA570—is responsible for thousands of malware infections globally. Originally used ...
- Exploring the Inner Workings of DuckTail
August 30, 2023
In their persistent quest to decode DuckTail’s maneuvers, Zscaler ThreatLabz began an intelligence collection operation in May 2023. Through an intensive three-month period of monitoring, Zscaler researchers obtained critical details about DuckTail’s operational framework. This expedition granted them unprecedented visibility into DuckTail’s end-to-end operations, spanning the entire kill chain from reconnaissance to post-compromise. Zscaler team yielded valuable ...
- For the win? Offensive research contests on criminal forums
August 29, 2023
If you’re a security researcher who wants to share your innovations and insights with the wider community (and gain some peer recognition into the bargain), you’ve got a few options: present at conferences; write papers, blogs etc. The legitimate side of the house is awash with opportunities. But what if you’re a threat actor, whose research ...
- CISA Releases IOCs Associated with Malicious Barracuda Activity
August 29, 2023
CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances. Read more… Source: U.S. Cybersecurity and Infrastructure ...
- Deconstructing ransomware, cybercriminals and their modus operandi
August 29, 2023
The problem of ransomware is a seemingly age-old problem that is not going away, at least not any time soon. Governments and law enforcement are banding together to try to battle this issue with financial sanctions and takedowns of the groups behind ransomware attacks but they’re like the mythical beast Hydra – take the head ...