Bitdefender releases free MortalKombat ransomware decryptor tool

March 1, 2023

Bitdefender has released a free decryption tool for the MortalKombat ransomware strain, which has risen to prominence in recent months.

First observed by Cisco Talos researchers in January, the strain has been used to target a raft of victims in the UK, US, and further afield to steal cryptocurrency.

In a blog post on 28 February, Bitdefender said the decryption tool can be “run silently” through a command line. The firm added that this could enable automated deployment in large networks if desired.

The decryptor does not require installation on infected systems and scans a machine's filesystem to identify specific files infected by the ransomware strain. Users are also able to create backups of encrypted files as a contingency.

This marks the latest in a series of decryptor tools rolled out by Bitdefender in recent decades. The firm previously released decryptors for the REvil and GandCrab ransomware strains.

How does MortalKombat work? 

Based on the Xorist ransomware strain, MortalKombat is typically distributed via phishing emails and targets exposed remote desktop protocol (RDP) instances, Bitdefender said.

A recent study from Cisco found that the initial infection vector for MortalKombat typically takes the form of a phishing email in which attackers impersonate CoinPayments, a cryptocurrency payment gateway and wallet.

Emails targeting users often contain a spoofed sender email, luring in unsuspecting victims.

“A destructive ZIP file is attached with a filename resembling a transaction ID outlined in the email system, engaging the recipient to unzip the malicious attachment and look at the contents, which is a destructive BAT loader,” researchers stated.

Once embedded in an infected machine, the ransomware strain targets user crypto wallets and tracks user activity to identify wallet addresses.

If it succeeds in identifying a crypto wallet address, the address is transferred to the attacker’s server and swapped with a malicious address to compromise future transactions. Affected users are met with a ransom note, and their machine wallpaper is changed to an image from the Mortal Kombat game series.

Little is known about the ransomware’s developers and operating model, according to researchers. However, the ransomware was first observed in a financially motivated campaign of attacks which used a new variant of the Laplas Clipper malware written in Go.

“The name of the ransomware and the wallpaper it drops on the victim program are nearly undoubtedly a reference to the MortalKombat media franchise, which encompasses a series of popular video games and movies,” a Cisco Talos blog post read.


Some parts of this article are sourced from:
www.itpro.co.uk
