Advertisement Banner
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Cyber News

Bitdefender released free decryptor for MortalKombat RansomwareSecurity Affairs

admin by admin
February 28, 2023
in Cyber News


Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat.

Good news for the victims of the recently discovered MortalKombat ransomware, the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Since December 2022, Cisco Talos researchers have been observing an unidentified financially motivated threat actor deploying two new malware, the MortalKombat ransomware and a GO variant of the Laplas Clipper malware.

The similarities in code, class name, and registry key strings, led the experts in assessing with high confidence that the MortalKombat ransomware belongs to the Xorist ransomware family.

Threat actors use a multi-stage attack chain that begins with a phishing email with a ZIP attachment containing a BAT loader script.

“Once executed, MortalKombat Ransomware encrypts data and generates files with a specific extension: ..Remember_you_got_only_24_hours_to_make_the_payment_if_you_dont_pay_prize_will_triple_Mortal_Kombat_Ransomware. It also changes the desktop wallpaper to give it a Mortal Kombat theme and generates a ransom note called HOW TO DECRYPT FILES.txt.” reads the post published by Bitdefender.

MortalKombat first appeared on the threat landscape in January 2023, it targets various files on the victim machine’s filesystem, such as system, application, database, backup, and virtual machine files, as well as files on the remote locations mapped as logical drives. 

Unlike other ransomware families, MortalKombat did not show any wiper behavior or delete the volume shadow copies on the infected system. It corrupts Windows Explorer, removes applications and folders from Windows startup, and disables the Run command window, making the system inoperable.

The ransom note instructs the victim to contact the attacker through the qTOX instant messaging application.

Most of the victims are located in the U.S., but experts observed limited infections in the United Kingdom, Turkey, and the Philippines.

The tool released by Bitdefender works against the current version of MortalKombat, it can be downloaded here.

The company pointed out that the decryptor can also be executed silently via a command line, which can be useful to automate the deployment of the tool inside a large network.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)



Share On






Source link

Previous Post

Sisodia moves SC challenging arrest, plea likely to be mentioned today –

Next Post

South Korean President Calls Japan ‘Partner’ on Independence Day – The Diplomat

Next Post

South Korean President Calls Japan ‘Partner’ on Independence Day – The Diplomat

Recommended

2023 New Year Resolutions for Asia’s Biggest Economies – The Diplomat

2 months ago

India condoles loss of lives in deadly Peshawar mosque blast –

2 months ago

© 2022 Law Enforcement News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Cyber News
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact

© 2022 Law Enforcement News Hubb All rights reserved.