"Mallox Ransomware Group Activity Shifts Into High Gear"

A ransomware actor that infiltrates target networks via vulnerable SQL servers has become highly active. Mallox, also known as TargetCompany, Fargo, and Tohnichi, emerged in June 2021 and claims to have infected hundreds of organizations since then. Organizations in the manufacturing, retail, wholesale, legal, and professional services sectors are among the group's victims. According to Palo Alto Networks' Unit 42 threat intelligence team, the group's threat activity has been on the rise since the beginning of the year. Compared to 2022, Palo Alto's telemetry and other open threat intelligence sources indicate a 174 percent increase in Mallox-related activity thus far this year. Previously, Mallox was known for being a relatively small and closed ransomware gang, according to Lior Rochberger, senior security researcher at Palo Alto Networks. Researchers attribute the surge in activity to the group's leaders' concerted efforts to expand Mallox's operations. This article continues to discuss the increase in Mallox ransomware group activity.

Dark Reading reports "Mallox Ransomware Group Activity Shifts Into High Gear"