Mallox ransomware: in-depth analysis and evolution


Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.

In 2023, this ransomware strain showed an uptick in attacks, with the total number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still under active development, with new versions released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was recruiting new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.

Source: Kaspersky




Related:

  • DDoS Attacks Ranked As Highest Threat by Enterprises

    February 22, 2019

    US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...

  • Ransomware encrypts Australian cardiac clinic’s patient files

    February 21, 2019

    Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the statement reads. ...

  • Hackers Use Compromised Banks as Starting Points for Phishing Attacks

    February 19, 2019

    Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. In a report released today and shared with BleepingComputer, Group-IB, an international security company specializing in preventing cyber attacks, describes a so-called cross-border domino effect that can spread an infection beyond the initial ...

  • FBI arrests second Apophis Squad hacker in the US

    February 13, 2019

    Yesterday the FBI arrested a hacker who was part of a hacking team known as Apophis Squad. This is the second arrest of an Apophis Squad member, after UK police arrested a teenager in August 2018. The two, US and UK citizens respectively, have been charged in an indictment unsealed by the US Department of Justice yesterday. They stand ...

  • Attackers Completely Destroy VFEmail’s Secure Mail Infrastructure

    February 12, 2019

    A catastrophic, smash-and-destroy cyberattack has eliminated the U.S. infrastructure for secure email service VFEmail. It’s a rare example of a purely destructive offensive, apparently unmotivated by financial gain or espionage goals. An attacker wiped out the company’s U.S. servers on Monday evening, including backups, destroying almost two decades worth of user data in just a few ...

  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

    February 12, 2019

    In November 2018, we covered a Trickbot variant that came with a password-grabbing module, which allowed it to steal credentials from numerous applications. In January 2019, we saw Trickbot (detected as TrojanSpy.Win32.TRICKBOT.AZ and Trojan.Win32.MERETAM.AD) with new capabilities added to its already extensive bag of tricks. Its authors clearly aren’t done updating Trickbot — we recently found a ...