Mallox ransomware: in-depth analysis and evolution


Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide.

In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released several times a month, while the Mallox RaaS affiliate program advertised on dark web forums was seeking new partners. This article aims to provide a comprehensive technical overview of the ransomware and its history.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Lazarus APT Spinoff Linked to Banking Hacks

    April 3, 2017

    The Lazarus Group, a nation-state level of attacker tied to the 2014 attacks on Sony Pictures Entertainment, has splintered off a portion of its operation to concentrate on stealing money to fund itself. The group, widely believed to be North Korean, has been linked to a February 2016 attack against the Bangladesh Central bank that resulted ...

  • New Mirai Variant Carries Out 54-Hour DDoS Attacks

    March 30, 2017

    A variant of the Mirai malware pummeled a U.S. college last month with a marathon 54-hour long attack. Researchers say this latest Mirai variant is a more potent version of the notorious Mirai malware that made headlines in October, targeting DNS provider Dyn and the Krebs on Security website. The IoT botnet behind the DDoS attacks ...

  • Ghana to set up national cyber security council

    March 30, 2017

    Ghana is to establish a national cyber security council to tackle the increasing rate of cyber crime in the country. The initiative is part of the government’s effort to build a comprehensive cyber security governance arrangement involving all key public and private sector stakeholders. The National Cyber Security Council will be an independent advisory body made ...

  • New Clues Surface on Shamoon 2’s Destructive Behavior

    March 27, 2017

    Researchers on Monday reported progress in piecing together some of the missing pieces of the Shamoon 2 puzzle that have been eluding them when it comes to lateral network movement and execution of the Disttrack malware component used in past campaigns. Shamoon 2 uses a combination of legitimate tools, such as the open source utility PAExec, and ...

  • Indian Startup Develops a Next-Gen Cybersecurity Solution on the Blockchain

    March 26, 2017

    A new innovative prototype startup powered by blockchain technology for cybersecurity has recently launched in India aimed at curbing the global phenomenon of cybercrime. Mumbai-based Block Armour was thought up by Narayan Neelakantan, former CISO and Head of IT Risk and Compliance with India’s National Stock Exchange (NSE) and Floyd DCosta, who has a background in ...

  • Apple Pressured to Pay Ransom by Hackers Threatening to Remotely Wipe iPhones

    March 22, 2017

    Apple is currently under pressure to pay a ransom to a group of hackers who are threatening to remotely wipe iPhones. It seems the hackers are identifying themselves as “Turkish Crime Family.” Taking into account just how big Apple is and how deep its pockets go, the hackers only demanded $75,000 in Bitcoin or Ethereum, another ...