Targetcompany

Malware updated 3 months ago (2024-09-04T12:18:14.439Z)

Download STIX

Preview STIX

TargetCompany is a known malware entity, often referred to as Mallox, Tohnichi, or Fargo in various articles and blog posts. This malicious software is designed to infiltrate and damage computer systems, often without the user's knowledge. It can enter systems through suspicious downloads, emails, or websites and once inside, it has the potential to steal personal information, disrupt operations, or hold data for ransom. Recently, a new Linux version of the TargetCompany ransomware has been identified that specifically targets VMware ESXi environments. VMware ESXi is a type-1 hypervisor used by enterprises to virtualize their servers, and its compromise could have serious implications for business operations. The source of this information comes from a report on Security Affairs, a well-known cybersecurity news platform. The introduction of this new strain of ransomware represents a significant threat to businesses utilizing VMware ESXi environments. The potential for widespread disruption and data loss is substantial, given the critical role these environments play in enterprise IT infrastructure. Immediate action should be taken to ensure all systems are adequately protected against this new form of attack.

Description last updated: 2024-09-04T12:15:49.883Z

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
Mallox is a possible alias for Targetcompany. Mallox is a potent malware that has been causing significant disruption in the digital world. This ransomware, primarily infiltrating networks via SQL servers, has shown its ability to adapt and evolve over time. PCrisk has identified new variants of Mallox that append extensions such as .ma1x0, .co	6
Tohnichi is a possible alias for Targetcompany. Tohnichi, also known as Mallox, TargetCompany, and Fargo, is a ransomware strain that primarily targets Microsoft Windows systems. This malware first surfaced in June 2021 and has since claimed to have infected hundreds of organizations worldwide. The group behind this malicious software is associat	3
Xollam is a possible alias for Targetcompany. Xollam is a malicious software, or malware, that operates as part of a ransomware group associated with various strains including TargetCompany, Tohnichi, Fargo, and Xollam. This group has seen a surge in activity, exploiting systems and causing significant damage. The malware infects systems throug	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Malware

Esxi

Payload

Linux

RaaS

Windows

Phishing

Exploit

Rat

Loader

Remcos

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Batcloak Malware is associated with Targetcompany. BatCloak is a fully undetectable (FUD) malware obfuscation engine that has been used by threat actors to stealthily deliver their malware since September 2022. The BatCloak engine was initially part of an FUD builder named Jlaive, which began circulating in 2022. Although the Jlaive code repository	Unspecified	2
The AsyncRAT Malware is associated with Targetcompany. AsyncRAT is a malicious software (malware) that infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage for ransom. It has recently risen to prominence, ra	Unspecified	2

Source Document References

Information about the Targetcompany Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	3 months ago	Evolution of Mallox: from private ransomware to RaaS
Securityaffairs	3 months ago	SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Securityaffairs	4 months ago	security-affairs-malware-newsletter-round-5
Securityaffairs	4 months ago	Security Affairs Malware Newsletter - Round 3
Securityaffairs	4 months ago	Security Affairs Malware Newsletter - Round 3
Securityaffairs	4 months ago	Security Affairs Malware Newsletter - Round 2
Securityaffairs	4 months ago	Security Affairs Malware Newsletter - Round 1
Securityaffairs	5 months ago	Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	5 months ago	Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	5 months ago	Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Checkpoint	5 months ago	10th June – Threat Intelligence Report - Check Point Research
Securityaffairs	5 months ago	Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION
DARKReading	5 months ago	Mallox Ransomware Variant Targets Privileged VMWare ESXi Environments
Securityaffairs	5 months ago	A new Linux version of TargetCompany ransomware targets VMware ESXi environments
Trend Micro	a year ago	An Overview of the Different Versions of the Trigona Ransomware
Quick Heal Technologies Ltd.	a year ago	Mallox Ransomware Strikes Unsecured MSSQL Servers
Unit42	a year ago	Threat Group Assessment: Mallox Ransomware
CERT-EU	a year ago	An Overview of the Different Versions of the Trigona Ransomware
CERT-EU	a year ago	New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
CERT-EU	a year ago	Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks