
mallox

1 incident | 0 countries | 0 sectors | ransomware | RU | Latest: 2026-06-25
Aliases: FARGO, Tohnichi, TargetCompany
Mallox is a ransomware group that emerged in May 2021, initially conducting human-operated attacks before evolving into a Ransomware-as-a-Service (RaaS) model by early 2023, actively recruiting affiliates on dark web forums like RAMP. The group's primary motivation is financial gain through double extortion, involving both data encryption and exfiltration. Mallox is particularly known for its focus on exploiting unsecured Microsoft SQL (MS-SQL) servers as a primary initial access vector. Researchers have used various names for this group, leading to aliases such as TargetCompany, FARGO, and Tohnichi.
MITRE techniques
T1003, T1022, T1573, T1547, T1566, T1078
Related CVEs
CVE-2024-21338, CVE-2021-21974, CVE-2020-3992, CVE-2020-0618, CVE-2019-5544, CVE-2019-1068

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims
0
Unique TTPs
0
Historical stolen data
N/A
Ransoms claimed
N/A
Payments detected
N/A

Target countries (SOCRadar)

United Arab Emirates; Bolivia, Plurinational State of; Brazil; Canada; Switzerland; China; Colombia; Germany; Spain; France

Target sectors (SOCRadar)

Construction of Buildings; Food Manufacturing; Other Information Services; Software Publishers; Hospitals; Transportation Equipment Manufacturing; Enterprises & Holding; Air Transportation; Manufacturing; Construction

New URLs detected in IntelTracker

ransomware.anggipradana.com