targetcompany
0 incidentes
0 paises
0 sectores
ransomware RU Ultimo: -
Aliases: Mallox, Tohnichi, Water Gatpanapun, FARGO
Mallox is a financially motivated ransomware group that first emerged in May 2021, with initial activity recorded in June of the same year. The group, also known by aliases such as TargetCompany, Fargo, and Tohnichi, initially conducted direct attacks before evolving to incorporate phishing campaigns and adopting a Ransomware-as-a-Service (RaaS) model by 2022. Mallox is assessed with moderate confidence to have ties to Russian-speaking individuals or groups. A defining characteristic of Mallox is its consistent exploitation of unsecured Microsoft SQL (MS-SQL) servers as a primary initial access vector, distinguishing it from many other ransomware operations. The group operates a double extortion model, stealing data before encryption and threatening its publication to compel victims into paying a ransom. Mallox has been one of the longest-running ransomware groups to remain active, continuously developing new versions of its malware and expanding its attack surface, notably to Linux an
Paises objetivo (SOCRadar)
United Arab EmiratesBolivia, Plurinational State of
Brazil
Canada
Switzerland
China
Colombia
Germany
Spain
France
Sectores objetivo (SOCRadar)
Food ManufacturingOther Information ServicesSoftware PublishersHospitalsAir TransportationManufacturingConstructionPublic AdministrationOil & GasBeverag & Tobacco Manufacturing