MortalKombat ransomware has just been updated with a new decryptor that is now available for download. Ever since the first instance of the MortalKombat ransomware family was discovered online in January this year, Bitdefender has been keeping a close eye on it.
MortalKombat is a Xorist-based ransomware. It spreads via phishing emails and targets RDP instances that are accessible from the Internet. The BAT Loader is responsible for planting the malware after it has been successfully installed on the victim’s machine. It is commonly known that this payload will also transmit the malware known as Laplas Clipper, which will cause further damage to the machine.
MortalKombat ransomware encrypts all files on the computer it infects, including those in the recycle bin and files associated with virtual machines. In addition to that, it disables Windows Explorer, removes folders and files from the start menu, and disables the Run command.
A typical infection carried out as part of this campaign begins with a phishing email. This email then triggers a multi-stage attack chain in which the actor delivers malware or ransomware and then deletes evidence of malicious files, making it difficult to analyze their activity and covering their tracks.
An executable BAT payload script may be found in the malicious ZIP file that was attached to the first phishing email. When a victim opens the payload script, it downloads another malicious ZIP file from an attacker-controlled hosting server to the victim’s machine, automatically inflates the file, and then runs the payload, which is the GO variant of the Laplas Clipper malware or The MortalKombat ransomware, depending on which one was specified in the payload script. The payload script will delete the malicious files that were downloaded and placed on the victim’s computer, then run the dropped payload as a process on the victim’s computer. This will clear up the indicators of infection.
Symptoms of an active infection
When activated, MortalKombat Ransomware encrypts data and creates files with a certain extension.
Bitdefender has made available for download below a free universal decryptor that is compatible with the most recent version of Mortal Kombat:
Get the Mortal Kombat decryptor here.
A command line can also be used to perform completely silent operation. Using this functionality can be beneficial for you in case you need to automate the distribution of the product within a wide network.
Cryptocurrency wallets stored on the device are targeted by financial ransomware, which also checks the computer’s clipboard for cryptocurrency wallet addresses. If a clipboard entry is discovered, it is sent to the hacker’s server, where a Clipper bot is waiting to replace it with a similar address actually owned by the hacker.
Victims of MortalKombat ransomware can now recover their data without paying the ransom thanks to the recent availability of a new decryptor. This is an important advance in the battle against ransomware, which is a threat that has become more prevalent for both individuals and corporations.
The new solution that Bitdefender has released helps aid broader efforts to prevent cybercriminals from profiting from their illegal actions by reducing the likelihood that victims will be forced to pay ransoms. The availability of the decryptor highlights how important it is to back up your data regularly and employ strict security measures to defend against ransomware attacks.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.
Send news tips to [email protected] or www.instagram.com/iicsorg/
You can also find us on Telegram www.t.me/noticiasciberseguridad