Mallox Ransomware Being Distributed in Korea Posted By kwonxx , March 14, 2023 AhnLab Security Emergency response Center (ASEC) has recently discovered the distribution of the Mallox ransomware during the team’s monitoring. As covered before, Mallox, which targets vulnerable MS-SQL servers, has historically been distributed at a consistently high rate based on AhnLab’s statistics. The malware disguised as a program related to DirectPlay is a file built in .NET which, as shown in Figure 3, connects to a certain address, downloads additional malware, and runs it in the memory. If this address cannot…
