Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- LAUSD says Vice Society ransomware gang stole contractors’ SSNs
January 20, 2023
Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’ personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were active in its network for over two months, between July 31, 2022, and September 3, 2022. Read ...
- 37 million T-Mobile customers hacked in data breach
January 20, 2023
T-Mobile said a “bad actor” accessed personal data from 37 million current customers in a November data breach. In a regulatory filing Thursday, the company said the hacker stole customer data that included names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers, and information describing the kind of service they have with the ...
- Ransomware severs 1,000 ships from on-shore servers
January 19, 2023
Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers. DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware – but affected vessels are not ...
- PayPal says crooks poked around 35,000 accounts in credential stuffing attack
January 19, 2023
The personal information of 35,000 PayPal users was exposed in December, according to a notification letter sent to the online payment company’s customers this week. PayPal attributed this privacy breach to “unauthorized parties,” who accessed accounts using customer login credentials. That is to say, whoever got into the accounts had found out or guessed their victims’ ...
- Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
January 19, 2023
Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. Yum! Brands operates 53,000 restaurants across 155 countries and territories, with over $5 billion in total assets ...
- Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
January 19, 2023
Roaming Mantis (a.k.a Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has been investigating the actor’s activity throughout 2022, and we observed a DNS changer ...