top of page
Search

Mallox Ransomware showing signs of Increased Activity

“TargetCompany” is a type of ransomware that was first identified in June 2021. The researchers named it TargetCompany ransomware because it adds the targeted company name as a file extension to the encrypted files. In September 2022, researchers identified a TargetCompany ransomware variant targeting Microsoft SQL servers and adding the “Fargo” extension to the encrypted files. TargetCompany ransomware is also known to add a “Mallox” extension after encrypting the files.




MALWARE FAMILIES: Mallox, Fargo, TargetCompany


ATT&CK IDS: T1020 - Automated Exfiltration, T1071 - Application Layer Protocol, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1140 - Deobfuscate/Decode Files or Information, T1204 - User Execution, T1486 - Data Encrypted for Impact, T1562 - Impair Defenses


Read More:

9 views

Comments


Commenting has been turned off.
bottom of page