Mallox Ransomware: Recover Encrypted Data

Mallox ransomware has been notable for its speed in encrypting files, the group mainly uses spam email campaigns and trojans to break into victims’ systems.

Like some groups, Mallox avoids targeting users in specific countries, such as Russia, Kazakhstan, Ukraine and Qatar.

Once the ransomware invades the system it analyses the language used by the operating system, if it is from one of the restricted countries the encryption is not performed and if it has already been started the decryption key is released for free.

In addition to analyzing the language, the ransomware seeks to raise the permission to be able to access more privileged networks, and the repair mode and automatic startup is canceled.

After all these preparations the encryption is started and quickly all files are modified, the .mallox extension is added to all encrypted files. The Encryption cannot be broken by deleting the extension, it can only be broken with the decryption key or with the help of a specialized company.

Only the group has the decryption key and it charges a considerable amount to release it, the group leaves a note on the desktop with all the instructions on how the victim can contact the group for the payment of the ransom, which is done with cryptocurrencies.

Paying the ransom is not the only way out, there are companies that can recover the encrypted files without the need of the decryption key, Digital Recovery is capable of that.

Recover Files Encrypted by Mallox Ransomware

Digital Recovery specializes in recovering ransomware-encrypted files of any length on any storage device.

With over 20 years of experience we have honed our ability to develop technologies for data recovery, this puts us ahead of other companies when it comes to recovering files encrypted by ransomware.

All our processes are unique and have been developed based on the General Data Protection Act (GDPR) and we have signed a confidentiality agreement (NDA) with all our clients.

Contact us and start the recovery process right now.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that

Récupérer le Ransomware Makop

Makop Ransomware

The Makop ransomware has grown through its affiliate programme, RaaS (Ransomware as a Service), a tactic that aims to find partners to carry out attacks


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.