Ransomware Group: Mallox




This ransomware uses a combination of different cryptographic algorithms (ChaCha20, AES-128, Curve25519). Activity of this malware dates to mid-June 2021. The extension of the encrypted files is set to the compromised company: .


Sites

Title Available Last Visit FQDN Screenshot
Mallox s 🟢 2024-12-05 19:50:00.356832 wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion 📸

Tools used

Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration
Exfiltration: Dropmefiles, File[.]io, Sendspace

This information is provided by Ransomware-Tool-Matrix

Negotiation chats

Name | # Msg | Initial Ransom | Negotiated Ransom | Paid
20230529 | 29 | N/A | N/A |
20230427 | 62 | $20,000 | $19,987 |
20230530 | 17 | N/A | N/A |

This information is provided by Valéry Marchive & Julien Mousqueton


49 Victims


integraservices 


Discovery Date: 2024-07-15 17:40
Estimated Attack Date: 2024-07-13

Description not available


XENAPP-GLOBER 


Discovery Date: 2024-07-15 17:40
Estimated Attack Date: 2024-07-14

Sector: Technology
Description not available


"Moshe Kahn Advocates" 


Discovery Date: 2024-06-05 19:34

Sector: Not Found
Description not available


Madata Data Collection & Internet Portals 


Discovery Date: 2024-06-04 14:49
Estimated Attack Date: 2024-06-03

Sector: Technology
Description not available


Río Negro 


Discovery Date: 2024-06-04 14:49
Estimated Attack Date: 2024-06-03

Description not available

Country: IT

Assist Informatica 


Discovery Date: 2024-05-25 16:32
Estimated Attack Date: 2024-05-23

Sector: Technology
Description not available

Country: DE

speditionlangen.de 


Discovery Date: 2024-04-09 04:42

Description not available

Country: HK

highfashion.com.hk 


Discovery Date: 2024-03-17 10:12
Estimated Attack Date: 2024-03-03

Description not available

Country: IN

Ramdev Chemical Industries 


Discovery Date: 2024-03-17 10:12
Estimated Attack Date: 2024-03-14

Description not available

Country: PK

Rafum Group 


Discovery Date: 2024-03-17 10:12
Estimated Attack Date: 2024-03-16

Sector: Not Found
Description not available


Versatile Card Technology Private Limited 


Discovery Date: 2023-10-26 05:41

Sector:


DUHOCAAU 


Discovery Date: 2023-10-14 22:12

Sector:


Measuresoft 


Discovery Date: 2023-10-03 05:46

Sector:


Kirkholm Maskiningeniører 


Discovery Date: 2023-10-02 04:13

Sector:


BOZOVICH TIMBER PRODUCTS INC 


Discovery Date: 2023-09-10 11:41

Sector:


Kogetsu 


Discovery Date: 2023-08-01 19:06

Sector:


Contec Systems 


Discovery Date: 2023-07-30 21:09

Sector:


West Cargo 


Discovery Date: 2023-07-27 01:00

Sector:


Franklins european bathrooms 


Discovery Date: 2023-07-23 20:02

Sector:


Garuda Indonesia 


Discovery Date: 2023-07-09 19:25

Sector:


Ashley HomeStore 


Discovery Date: 2023-07-01 14:00

Sector:
INFO: https://www.zoominfo.com/c/ashley-homestore-ltd/7786767

JBCC Corp 


Discovery Date: 2023-06-28 07:59

Sector:
INFO: https://www.zoominfo.com/c/jbcc/431568723

COMPASS INFRASTRUCTURE GROUP 


Discovery Date: 2023-06-27 08:06

Sector:

Tlantic 


Discovery Date: 2023-06-24 03:59

Sector:
INFO: https://www.zoominfo.com/c/tlantic/346591091

MICA ENVIRONNEMENT 


Discovery Date: 2023-06-20 23:03

Sector:

Bangkok Industrial Gas Co., Ltd. (BIG) 


Discovery Date: 2023-06-18 18:57

Sector:

Share and Harris 


Discovery Date: 2023-06-03 08:59

Sector:
INFO: https://www.zoominfo.com/c/share-harris-llc/410899856

Country: IN

FICCI 


Discovery Date: 2023-06-03 03:57
Estimated Attack Date: 2023-02-21

Sector:
Established in 1927, FICCI is the largest and oldest apex business organisation in India. Its history is closely interwoven with India's struggle for independence, its industrialization, and its emergence as one of the most rapidly growing global economies. A non-government, not-for-profit organisation, FICCI is the voice of India's business and industry. From influencing policy to encouraging debate, engaging with policy makers and civil society, FICCI articulates the views and concerns of industry. It serves its members from the Indian private and public corporate sectors and multinational companies, drawing its strength from diverse regional chambers of commerce and industry across states, reaching out to over 2,50,000 companies. FICCI provides a platform for networking and consensus building within and across sectors and is the first port of call for Indian industry, policy makers and the international business community.

CCAA 


Discovery Date: 2023-06-03 03:56
Estimated Attack Date: 2023-03-24

Sector:
INFO: https://www.zoominfo.com/c/ccaa/372444807

Young Homes, Inc 


Discovery Date: 2023-06-03 03:56

Sector:
INFO: https://www.zoominfo.com/c/young-homes-inc/134103843

Circa Jewels 


Discovery Date: 2023-03-06 13:31

Sector:
Circa Jewels is the leading international buyer of pre-owned fine jewelry, diamonds and watches. If Circa Jewels fail to take responsibility for their security weakness, all of their and their clients' confidential will be published. File Tree - https://anonfiles.com/N52cufc5z0/filetree_txt Last date - 20th March 2023 Contact ( https://tox.chat ) - AE3750EE1BE48D86104E6FB1DADC32469A31242EFC205A3EC47EF7689E3F103472A4DBFFF399


AddWeb Solution Pvt 


Discovery Date: 2023-03-05 14:32

Sector:
AddWeb Solution Pvt is a leading offshore development company provides a one-stop website, mobile, cloud, and digital marketing solution. If AddWeb Solution Pvt fail to take responsibility for their security weakness, all of their and their clients' confidential will be published. File Tree - https://anonfiles.com/gab0ifc8z3/filetree_txt Last date - 19th March 2023 Contact ( https://tox.chat ) - AE3750EE1BE48D86104E6FB1DADC32469A31242EFC205A3EC47EF7689E3F103472A4DBFFF399

Country: IN

AICHELIN UNITHERM 


Discovery Date: 2023-03-04 13:33

Sector:
Two leading manufacturers of heat treatment furnaces Unitherm Engineers Limited (India) and Aichelin Holding GmbH (Austria) formed a new 50:50 Joint Venture Company (JVC) in India in 2010. The newly incorporated JVC Aichelin Unitherm Heat Treatment Systems India Private Limited is headquartered in Talegaon, Pune (Maharashtra). Whatever part you play in the field of industrial heat treatment, AICHELIN UNITHERM has a solution for you. As diverse as the product portfolio may be, certain things apply to every solution: reliability and economic efficiency. AICHELIN UNITHERM in joint venture with AICHELIN Group offers extensive experience and skill guaranteeing the security of a stable and strong group, as your partners and service providers. Industrial heat treatment of metallic parts and components is our skill and passion. AICHELIN UNITHERM is the leading manufacturer of Industrial Heat Treatment Plants technology and services in India.

Country: IN

"FICCI" 


Discovery Date: 2023-02-23 07:25

Sector:
Established in 1927, FICCI is the largest and oldest apex business organisation in India. Its history is closely interwoven with India's struggle for independence, its industrialization, and its emergence as one of the most rapidly growing global economies. A non-government, not-for-profit organisation, FICCI is the voice of India's business and industry. From influencing policy to encouraging debate, engaging with policy makers and civil society, FICCI articulates the views and concerns of industry. It serves its members from the Indian private and public corporate sectors and multinational companies, drawing its strength from diverse regional chambers of commerce and industry across states, reaching out to over 2,50,000 companies. FICCI provides a platform for networking and consensus building within and across sectors and is the first port of call for Indian industry, policy makers and the international business community.

Mecaro Co., Ltd 


Discovery Date: 2023-02-16 02:53

Sector:
Company Introduction: Mecaro Co., Ltd is No1 Best Semicon parts company authorized in parts area by producing optimal semiconductor part of equipments through ceaseless technology development and research for about 15 years. MORE INFO: https://www.wsj.com/market-data/quotes/KR/241770/financials

Hydrofit Alliance Ltd 


Discovery Date: 2023-02-16 02:53

Sector:
Hydrofit FZE an ISO 9001, ISO 14001 & 45001 company, pioneering in the field of Fluid Power Transmissions, Mechanical Power Transmissions, Automatic Greasing / Lubrication systems and Oil Recirculation systems MORE INFO: https://www.zoominfo.com/c/hydrofit-alliance-ltd/346285910

Gallier Orléans 


Discovery Date: 2023-02-16 02:53

Sector:

Navnit Group 


Discovery Date: 2023-01-25 23:18

Sector:


BOMCALCADO 


Discovery Date: 2023-01-25 05:22

Sector:

First International Food co Ltd 


Discovery Date: 2023-01-25 02:39

Sector:

Alhambra-Eidos 


Discovery Date: 2023-01-18 15:14

Sector:
https://www.zoominfo.com/c/alhambra--eidos/345908828

Yayla Enerji Uretim Turizm ve Insaat Ticaret 


Discovery Date: 2023-01-16 11:34

Sector:


El Seif Development 


Discovery Date: 2023-01-15 19:51

Sector:
Data will be published in 24 hours Stay tuned


ADIVA CO. LTD 


Discovery Date: 2023-01-11 09:22

Sector:


Ban Leong Technologies Ltd 


Discovery Date: 2022-12-14 02:15

Sector:


Canny Elevator Co Ltd 


Discovery Date: 2022-11-04 17:45

Sector:


API MDC Technical Research Centre Sdn Bhd 


Discovery Date: 2022-11-04 17:45

Sector:


Aerotech Precision Manufacturing 


Discovery Date: 2022-11-04 17:45

Sector:


CLUB DE TENIS LA PAZ 


Discovery Date: 2022-11-04 17:45

Sector:
