• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
bitdefender releases free decryptor for mortalkombat ransomware strain

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

You are here: Home / General Cyber Security News / Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
February 28, 2023

Romanian cybersecurity company Bitdefender has launched a free of charge decryptor for a new ransomware pressure known as MortalKombat.

MortalKombat is a new ransomware pressure that emerged in January 2023. It can be primarily based on commodity ransomware dubbed Xorist and has been observed in attacks concentrating on entities in the U.S., the Philippines, the U.K., and Turkey.

Xorist, detected because 2010, is dispersed as a ransomware builder, allowing for cyber threat actors to make and personalize their very own variation of the malware.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


This features the ransom note, the file name of the ransom notice, the checklist of file extensions focused, the wallpaper to be made use of, and the extension to be applied on encrypted data files.

MortalKombat notably was deployed in new attacks mounted by an unnamed financially enthusiastic threat actor as a section of a phishing campaign aimed at a wide range of businesses.

“MortalKombat encrypts numerous files on the victim machine’s filesystem, these types of as technique, software, database, backup, and digital machine data files, as well as data files on the distant spots mapped as sensible drives in the victim’s machine,” Cisco Talos disclosed earlier this month.

MortalKombat Ransomware Strain

Whilst the ransomware does not exhibit wiper conduct or delete volume shadow copies, it corrupts Windows Explorer, disables the Operate command window, and gets rid of all programs and folders from Windows startup.

It is really also acknowledged to corrupt the deleted files in the Recycle Bin folder and change the file names and types and make Windows Registry modifications to attain persistence. The danger actors at the rear of the campaign and their operational model are not known as but.

“Primarily based on the Xorist ransomware, MortalKombat spreads as a result of phishing e-mail and targets exposed RDP cases,” Bitdefender stated. “The malware receives planted via the BAT Loader that also delivers the Laplas Clipper malware.”

MortalKombat is not the only Xorist variant to have emerged in the menace landscape more than the earlier handful of months. In November 2022, Fortinet FortiGuard Labs revealed one more edition that leaves a ransom be aware in Spanish.

The advancement also comes a minor around a month right after Avast posted a free of charge decryptor for BianLian ransomware to aid victims of the malware get well locked documents without having obtaining to shell out the danger actors.

Located this posting interesting? Stick to us on Twitter  and LinkedIn to read through a lot more special information we publish.


Some parts of this posting are sourced from:
thehackernews.com

Previous Post: «how to build a cyber resilient business read to innovate and How to build a cyber-resilient business read to innovate and thrive
Next Post: MWC 2023: Huawei launches ‘world’s best’ ransomware detection system mwc 2023: huawei launches 'world's best' ransomware detection system»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Free decryptor released for Conti ransomware variant infecting hundreds of organisations
  • Bitwarden to release fix for four-year-old vulnerability
  • THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
  • New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
  • A New Security Category Addresses Web-borne Threats
  • ICO Reprimands Metropolitan Police for Data Snafu
  • Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
  • Russian Military Preparing New Destructive Attacks: Microsoft
  • Podcast transcript: The changing face of cyber warfare
  • Vishing Campaign Targets Social Security Administration

Copyright © TheCyberSecurity.News, All Rights Reserved.