Mallox ransomware: in-depth analysis and evolution


Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.

In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.

Source: Kaspersky

