Mallox ranomware affiliate leverages PureCrypter in MS-SQL…

216.73.216.6

Mallox ranomware affiliate leverages PureCrypter in MS-SQL exploitation campaigns

· Published 14/05/2024 18:03 · Modified 14/05/2024 18:30

Essential information

Published: 14/05/2024 18:03
Modified: 14/05/2024 18:30
Tags: 2024-05-09 2024-05-10 2024-05-14 as208091 bitcoin clr sqlshell link http maestro mallox mallox raas mssql mssql server plugx powershell purecrypter ransom shutdown sqlshell trigona unsafe xollam
Related entities: 10 observables, 1 intrusion sets (apt), 15 techniques (mitre), 3 malware, 12 others

Description

A team from security firm Sekoia has observed a series of attacks targeting vulnerable assets, including MS-SQL, and Mallox ransomware, using techniques similar to that of the PureCrypter ransomware.

External references

https://blog.sekoia.io/mallox-ransomware-affiliate-leverages-purecrypter-in-microsoft-sql-exploitation-campaigns/
https://otx.alienvault.com/pulse/6643a78898555f57c75a108a

Mallox ranomware affiliate leverages PureCrypter in MS-SQL exploitation campaigns

Essential information

Description

Related entities

Observables (10)

Intrusion sets (APT) (1)

Techniques (MITRE) (15)

Malware (3)

Others (12)

External references