Mallox ransomware: in-depth analysis and evolution


Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.

In 2023, this ransomware strain showed an uptick in attacks, with the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still under active development, with new versions released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.

Source: Kaspersky

