Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- Fake ChatGPT download site infects Windows and Mac users with malware
May 28, 2026
A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openewapp, closely mimics OpenAI’s real ChatGPT download experience and offers what appear to be official desktop apps for both Windows and macOS. Instead, Windows users receive a ...
- Supply Chain Compromises Impact Nx Console and GitHub Repositories
May 28, 2026
CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and ...
- Hackers are trying to steal Signal users’ backups in new wave of phishing attacks
May 28, 2026
Hackers are targeting Signal users in an attempt to steal their chat backups as part of a new hacking campaign, TechCrunch has learned. On Wednesday, Washington Post analyst Josh Rogin posted a screenshot of a new kind of attack against Signal users, where hackers pretend to be the app’s support team and warn the target that ...
- Carnival confirms ShinyHunters cruised off with 6M customer records after April breach
May 28, 2026
Carnival Corporation – the world’s largest cruise operator – has confirmed a digital heist, a month after hacking crew ShinyHunters claimed to have stolen millions of customers’ records. The breach, Carnival confirmed, stemmed from an April 14 social engineering attack on an employee, though the company declined to comment on the scale or name ShinyHunters. Read more… Source: ...
- Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup
May 27, 2026
The FBI is issuing this Public Service Announcement (PSA) to warn the public that cyber threat actors are conducting spoofing attacks against the Fédération Internationale de Football Association (FIFA) website in advance of the 2026 FIFA World Cup. A spoofed website is designed to pose as a legitimate website, with branding, product listings, etc., and malicious ...
- Industrial robots targeted by malware, which could open them up to hacking
May 25, 2026
A critical command injection vulnerability has been discovered in Universal Robots PolyScope 5, the operating system whucg powers the company’s collaborative robots. The flaw, tracked as CVE-2026-8153, carries a CVSS score of 9.8 and affects all software versions prior to PolyScope 5.25.1. This vulnerability could lead to complete compromise of the robot controller, affecting the confidentiality, integrity, and availability ...