Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
October 19, 2022
CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to reference the addition of a new Malware Analysis Report, MAR-10398871.r1.v2. CISA encourages organizations to review the latest update to AA22-228A ...
- Verizon notifies prepaid customers their accounts were breached
October 18, 2022
Verizon warned an undisclosed number of prepaid customers that attackers gained access to Verizon accounts and used exposed credit card info in SIM swapping attacks. “We determined that between October 6 and October 10, 2022, a third party actor accessed the last four digits of the credit card used to make automatic payments on your account,” ...
- Defenders beware: A case for post-ransomware investigations
October 18, 2022
Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, DART researchers detail a recent ransomware incident in which the attacker used a ...
- The benefits of taking an intent-based approach to detecting Business Email Compromise
October 18, 2022
Business email compromise (BEC) is one of the most financially damaging online crimes. As per the internet crime 221 report, the total loss in 2021 due to BEC is around 2.4 billion dollars. Since 2013, BEC has resulted in a 43 billion dollars loss. The report defines BEC as a scam targeting businesses (not individuals) ...
- Malware dev claims to sell new BlackLotus Windows UEFI bootkit
October 17, 2022
A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. UEFI bootkits are planted in the system firmware and are invisible to security software running within the operating system because the malware loads in the initial ...
- Phishing works so well crims won’t bother with deepfakes, says Sophos chap
October 17, 2022
Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos. “The thing with deepfakes is that we aren’t seeing a lot of it,” Sophos researcher John Shier told El Reg last week. Shier said current deepfakes – AI generated videos that mimic humans – aren’t the ...