Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.
In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.
Read more…
Source: Kaspersky
Related:
- Social Engineering Based on Stimulus Bill and COVID-19 Financial Compensation Schemes Expected to Grow in Coming Weeks
March 27, 2020
Given the community interest and media coverage surrounding the economic stimulus bill currently being considered by the United States House of Representatives, we anticipate attackers will increasingly leverage lures tailored to the new stimulus bill and related recovery efforts such as stimulus checks, unemployment compensation and small business loans. Although campaigns employing themes relevant to ...
- Cyber criminals shift focus to target remote workers
March 27, 2020
Criminals are only just getting started when it comes to exploiting the global spread of coronavirus to profit from hacking and cybercrime, and the number of attacks is likely to rise, Europe’s law enforcement agency Europol has warned. The new report on how criminals profit from the COVID-19 pandemic details the increase in coronavirus-themed attacks, including phishing emails and spam ...
- Ryuk Ransomware Keeps Targeting Hospitals During the Pandemic
March 26, 2020
The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Last week BleepingComputer contacted various ransomware groups and asked if they would target hospitals and other healthcare organizations during the pandemic. With the amount of strain healthcare organizations are under during this pandemic, I was hoping that ransomware operators would ...
- Ransomware Maze
March 26, 2020
The Maze ransomware, previously known in the community as “ChaCha ransomware”, was discovered on May the 29th 2019 by Jerome Segura. The main goal of the ransomware is to crypt all files that it can in an infected system and then demand a ransom to recover the files. However, the most important characteristic of Maze is the ...
- Developing Story: Coronavirus Used in Malicious Campaigns
March 20, 2020
The coronavirus disease (COVID-19) is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number of those afflicted continue to surge by thousands, campaigns that use the disease as a lure likewise increase. Trend Micro researchers are periodically sourcing for samples on coronavirus-related malicious campaigns. This report also includes ...
- New Variant of Paradise Ransomware Spreads Through IQY Files
March 18, 2020
Internet Query Files (IQY) were used to deliver a new variant of Paradise ransomware, as reported by Last Line. The said file type has not been associated with this ransomware family before. In the past, IQY files were typically used in other malware campaigns such as the Necurs botnet that distributes IQY files to deliver FlawedAmmy RAT. Bebloh and Ursnif also spreads ...