Ransomware
Mallox
First seen: 2021-06 • Status: active
Currently Active Threat
Mallox attacks database servers and encrypts all your data. It specifically targets poorly secured SQL servers.
Overview
Mallox ransomware targets vulnerable MS-SQL servers. It encrypts databases and demands cryptocurrency payment.
Also Known As
TargetCompany, FARGO
How It Spreads
- • MS-SQL brute force
- • RDP exploitation
What It Does
- • Database encryption
- • Data theft
- • Ransom demands
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Secure SQL Server exposure
- • Monitor for brute force
MITRE ATT&CK Techniques
T1486, T1110
If You're Infected
- 1.
Secure MS-SQL servers
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required