
Mallox Ransomware Group Becomes A Very Active Threat
Tags: Mallox, TargetCompany, Fargo, Tohnichi, SQL
The group tracked as Mallox (also known as TargetCompany, Fargo and Tohnichi) has lately tended to break into target networks through vulnerable SQL servers. Mallox attacks in 2023 are known to have increased by 174% compared to 2022.
Indicators of Compromise
Campaign Guidance
Remediation, mitigation, notes, history and related intelligence
REMEDIATIONS
Ransomware distribution tactics often involve using deceptive techniques, with Mallox ransomware being commonly distributed through phishing emails. These emails attempt to trick users into opening attachments that contain the malware. To safeguard against such threats, users must exercise extreme vigilance and carefully inspect every email they receive. If any suspicion arises regarding the legitimacy of the sender or the content, it is crucial not to interact with the email, avoid clicking on any provided URLs, and refrain from opening attachments.
Mallox ransomware is particularly notorious for targeting companies individually, often exploiting cybersecurity vulnerabilities in their database servers. Cybercriminals may employ brute force or dictionary attacks to gain unauthorized access to these systems and infect them with the ransomware.
To stay protected from such attacks, individuals and organizations should focus on robust security practices. This includes implementing multi-layered security measures, keeping all software and applications up to date, regularly backing up critical data, employing strong passwords, and educating employees about the risks of phishing and social engineering tactics. Regular security audits and vulnerability assessments can also help identify and address potential weaknesses in the infrastructure, minimizing the risk of falling victim to ransomware attacks.
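The brute-force and dictionary attacks against database servers mentioned above show up as bursts of failed logins from one client. The following Python is an added example, not part of the original page or any vendor tooling; it assumes Microsoft SQL Server's ERRORLOG "Login failed" line format, and the function names, thresholds and sample lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumption: Microsoft SQL Server ERRORLOG with failed-login auditing enabled.
FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'\..*\[CLIENT: (?P<ip>[^\]]+)\]"
)
REASON = "Reason: Password did not match that for the login provided."

# Constructed sample lines (RFC 5737 documentation addresses), not real telemetry.
SAMPLE_LOG = "\n".join(
    [f"2023-08-03 10:15:{20 + 2 * i:02d}.45 Logon       Login failed for user "
     f"'{user}'. {REASON} [CLIENT: 203.0.113.7]"
     for i, user in enumerate(["sa", "sa", "admin", "sa", "dbadmin", "sa"])]
    + ["2023-08-03 10:15:31.10 Logon       Error: 18456, Severity: 14, State: 8.",
       "2023-08-03 10:20:05.00 Logon       Login failed for user 'report'. "
       f"{REASON} [CLIENT: 198.51.100.20]",
       "2023-08-03 10:41:09.00 Logon       Login failed for user 'report'. "
       f"{REASON} [CLIENT: 198.51.100.20]"]
)

def parse_failures(text):
    """Yield (timestamp, user, client_ip) for every failed-login line."""
    for line in text.splitlines():
        m = FAILED.match(line.strip())
        if m:
            yield datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"), m["user"], m["ip"]

def find_bruteforce(text, threshold=5, window_s=60):
    """Map client IP -> summary when >= threshold failures fall within window_s seconds."""
    by_ip = defaultdict(list)
    for ts, user, ip in parse_failures(text):
        by_ip[ip].append((ts, user))
    alerts = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0  # left edge of the sliding time window
        for end, (ts, _) in enumerate(events):
            while (ts - events[start][0]).total_seconds() > window_s:
                start += 1
            if end - start + 1 >= threshold:
                # "attempts" counts every failure from this client in the log
                alerts[ip] = {"attempts": len(events), "users": sorted({u for _, u in events})}
                break
    return alerts

if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {info['attempts']} failed logins against {info['users']}")
```

Several distinct account names tried from one client in a short window is the dictionary-attack pattern; a single user mistyping a password twice, minutes apart, stays below the threshold.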
Observed Countries: 250