Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- German government might have lost tens of millions of euros in COVID-19 phishing attack
April 18, 2020
The government of North Rhine-Westphalia, a province in western Germany, is believed to have lost tens of millions of euros after it failed to build a secure website for distributing coronavirus emergency aid funding. The funds were lost following a classic phishing operation. Cybercriminals created copies of an official website that the NRW Ministry of Economic Affairs had set ...
- Financial Cyberthreats in 2019
April 16, 2020
Financial cyberthreats are malicious programs that target users of services such as online banking, e-money, and cryptocurrency, or that attempt to gain access to financial organizations and their infrastructure. These threats are usually accompanied by spam and phishing activities, with malicious users creating fake financial-themed pages and emails to steal victims’ credentials. In order to study ...
- RagnarLocker ransomware hits EDP energy giant, asks for €10M
April 14, 2020
Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M). EDP Group is one of the largest European operators in the energy sector (gas and electricity) and the world’s 4th largest producer of wind energy. The company is present ...
- Malicious Attackers Target Government and Medical Organizations With COVID-19 Themed Phishing Campaigns
April 14, 2020
Despite prior reporting by various sources indicating that some cyber threat attacker activity may subside in some respects during the COVID-19 pandemic, Unit 42 has observed quite the opposite with regard to COVID-19 themed threats, particularly in the realm of phishing attacks. While the various COVID-19 themed phishing campaigns observed by Unit 42 are numerous, this blog ...
- Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
April 14, 2020
Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account. In the background, meanwhile, the ...
- Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January
April 10, 2020
Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. The move—reported by the Wall Street Journal—may seem counterintuitive, as experts in the past have typically recommended that companies ...