New ransomware targets systems in the U.S.

vtqhtr413

Hackers conducting a new financially motivated campaign are using a variant of the Xorist commodity ransomware named 'MortalKombat,' together with the Laplas clipper in cyberattacks. Both malware infections are used to conduct financial fraud, with the ransomware used to extort victims to receive a decryptor and Laplas to steal cryptocurrency by hijacking crypto transactions. Laplas is a cryptocurrency hijacker released last year that monitors the Windows clipboard for crypto addresses and, when found, substitutes them for addresses under the attacker's control. As for MortalKombat, Cisco Talos says the new ransomware is based on the Xorist commodity ransomware family, which utilizes a builder that lets threat actors customize the malware. Xorist has been decryptable for free since 2016.
 


cruelsister

Although the ransomware portion is rather a yawner, the extension of encrypted files was different:
photo.JPG..Remember_you_got_only_24_hours_to_make_the_payment_if_you_dont_pay_prize_will_triple_Mortal_Kombat_Ransomware
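
Added example, not part of the post above or of any tool named in the thread: a triage sketch that scopes an affected folder tree by the appended extension quoted in the post and recovers each file's original name. The function names are hypothetical, the sample tree is constructed, and treating the double dot before the marker as part of the rename is an assumption taken from the quoted file name.

```python
import os
import tempfile
from collections import Counter

# Appended extension exactly as quoted in the post (text after the last dot).
MARKER = ("Remember_you_got_only_24_hours_to_make_the_payment_"
          "if_you_dont_pay_prize_will_triple_Mortal_Kombat_Ransomware")

def original_name(filename):
    """Return the pre-rename name if filename carries the marker, else None."""
    stem, sep, ext = filename.rpartition(".")
    if not sep or ext.lower() != MARKER.lower():
        return None
    # Assumption: the quoted sample has a double dot before the marker.
    return stem.rstrip(".") or None

def triage(root):
    """Walk root; return (affected files, per-directory counts, untouched count)."""
    affected, per_dir, untouched = [], Counter(), 0
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            orig = original_name(name)
            if orig is None:
                untouched += 1
                continue
            affected.append((os.path.join(dirpath, name), orig))
            per_dir[os.path.relpath(dirpath, root)] += 1
    return sorted(affected), per_dir, untouched

def build_sample_tree(root):
    """Constructed sample data: empty files, two renamed the way the post shows."""
    os.makedirs(os.path.join(root, "Pictures"))
    for rel in ("Pictures/photo.JPG.." + MARKER, "Pictures/keep.png",
                "notes.txt.." + MARKER, "report.docx"):
        open(os.path.join(root, *rel.split("/")), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        hits, per_dir, untouched = triage(tmp)
        for path, orig in hits:
            print(f"{orig:12} <- {path}")
        print(dict(per_dir), "untouched:", untouched)
```

The per-directory counts show where renaming reached; the script only reads file names and does not attempt decryption.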
 

Andy Ful

Almost all ransomware attacks can be easily prevented (especially at home) by standard AV + shortcut/script restrictions and MS Office hardening. The real problem can be when people intentionally download pirated content or try to find something fortunate/rare/uncommon on the Internet. In the first case, one can expect that the protection will complain so it is possible that the protection will be intentionally decreased/ignored. In the second case, one can be a victim of fake web pages with malicious content - the fake web pages will be high on Google search results.
In both cases, the attack can work because the victim believes that the detection/block is most probably a false positive.

Of course, there are some other possibilities for infections (malvertising, phishing, etc.), but the chances are relatively much lower, especially when users do not decrease the protection.
 