Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain showed an uptick in attacks, with the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Source: Kaspersky

