news-24092024-232524

Cybersecurity experts have discovered that hackers have adapted the Mallox ransomware to now target Linux systems, calling the new version Mallox Linux 1.0. This modification was uncovered by researchers at SentinelLabs, who found that Mallox Linux 1.0 is essentially a rebrand of the Kryptina encryptor created by a threat actor known as “Corlys”. Corlys initially tried to sell Kryptina for $800 but later released it for free when there was little interest from the cybercriminal community.

The similarities between Mallox Linux 1.0 and Kryptina are striking, with both using the same encryption mechanism (AES-256-CBC) and decryption routines. The new variant also retains the command-line builder and configuration parameters from Kryptina, indicating that the developers only made superficial changes to the encryptor’s name and appearance. Despite these alterations, the core functionality remains unchanged.

While there is no information yet on specific targets of Mallox Linux 1.0, Kaspersky researchers have noted that the affiliates of Mallox operate across various countries without restriction. However, a significant number of attacks attributed to Mallox have been observed in Brazil, Vietnam, and China. The ransomware, also known as Fargo or TargetCompany, has been active since June 2021, primarily targeting vulnerable MS-SQL servers and threatening victims with potential GDPR violations, particularly in the European Union.

Between October 2022 and March 2023, data breaches linked to Mallox affiliates affected at least 20 organizations, highlighting the ongoing threat posed by this evolving malware. It is crucial for businesses to stay informed about the latest cybersecurity developments and take proactive measures to protect their systems from such malicious attacks.

As the threat landscape continues to evolve, staying vigilant and proactive in safeguarding sensitive data and critical systems is paramount. By prioritizing cybersecurity measures and staying informed about emerging threats like Mallox Linux 1.0, businesses can mitigate risks and protect their assets from malicious actors seeking to exploit vulnerabilities for financial gain.