The Mallox ransomware, which emerged in mid-2021 and is potentially linked to the “TargetCompany” ransomware group, has evolved its tactics. It exploits unsecured MS-SQL Servers to infiltrate and encrypt data, leaving a ransom note with a unique Tor link. Seqrite experts analyzed the tactics, techniques, and procedures (TTPs) employed by the Mallox ransomware and suggested countermeasures organizations can take to prevent such attacks.
In this whitepaper, you will learn about:
- Evolution of Tactics of the Mallox Ransomware
- Attack Vector
- Infection Chain
- Exfiltration of Data
- Encryption and Safelisting