Mortalkombat Ransomware Targets US Systems: What You Need to Know

The United States has become the latest target of a new malware variant called Mortalkombat Ransomware. The malware encrypts victims’ files and demands a ransom in exchange for a decryption key.

Mortalkombat Ransomware is typically spread through phishing emails containing malicious attachments or links that, when opened, install the malware on the victim’s computer.

What is Mortalkombat Ransomware?

Mortalkombat Ransomware is a new threat to computer systems in the United States. It is a type of malware that encrypts the victim’s files and demands payment in exchange for a decryption key.

The ransomware is distributed through phishing emails, which contain malicious attachments or links that, when clicked, install the ransomware on the victim’s computer.

According to reports, Mortalkombat Ransomware is particularly sophisticated and challenging to detect, making it a serious threat to computer systems. The malware not only encrypts victims’ files but also attempts to disable security software to prevent detection.

MortalKombat Ransomware and Laplas Clipper Used in New Financially Motivated Campaign

Hackers have launched a new financially motivated campaign using a variant of the Xorist commodity ransomware called MortalKombat and the Laplas clipper in their cyberattacks.

These malware infections are used to conduct financial fraud, with the ransomware extorting victims to receive a decryptor and Laplas stealing cryptocurrency by hijacking crypto transactions.

MortalKombat Ransomware and Laplas Clipper: How They Work

Laplas is a cryptocurrency hijacker that was released in 2020. It monitors the Windows clipboard for crypto addresses and substitutes them with addresses under the attacker’s control.

On the other hand, MortalKombat ransomware is a new variant of the Xorist ransomware family that lets threat actors customize the malware through a builder.

Xorist has been decryptable for free since 2016. The new MortalKombat ransomware is used to extort victims by encrypting their files and demanding a ransom in exchange for a decryptor.

The attacks observed by the Talos researchers focused mainly on the United States, with some victims also in the UK, Turkey, and the Philippines.

MortalKombat Ransomware: Its Encryption and Damage Capabilities

MortalKombat is a Xorist ransomware variant that targets various files on the victim’s system like system, application, database, backup, and virtual machine files. It also drops a ransom note and changes the victim’s wallpaper upon encryption.

The ransom note instructs the victim to use the qTOX Tor-based instant messaging app to negotiate with the cybercriminals, who demand payment in Bitcoin.

The ransomware corrupts system folders, disables the Windows Run command window, and removes all entries from Windows startup.

MortalKombat also fiddles with the Windows registry, creating a Run registry key for persistence while deleting the installed application’s root registry key, making the applications no longer function.

Cisco’s analysts are unsure about the operational model of MortalKombat ransomware and whether it is a custom strain of a lone threat actor or sold to other cybercriminals like Laplas.

How to Protect Yourself from Mortalkombat Ransomware

To protect yourself from Mortalkombat Ransomware, you need to take some basic precautions. Here are some tips to keep your computer safe:

1. Be cautious of email attachments and links: Do not open email attachments or click on links from unknown sources or suspicious emails. Always verify the sender’s identity and ensure that the attachment is legitimate before opening it.
2. Keep your operating system and software up-to-date: Software updates often include security patches that fix vulnerabilities that can be exploited by ransomware.
3. Use antivirus software: Install reputable antivirus software and keep it updated to protect your computer from malware, including Mortalkombat Ransomware.
4. Backup your data regularly: Regularly backup your important data to an external hard drive or cloud storage. This will allow you to recover your data in case of a ransomware attack.

In conclusion, Mortalkombat Ransomware is a serious threat to computer systems, and it’s essential to take precautions to avoid becoming a victim.

By following the tips mentioned above, you can protect your computer and keep your data safe from this and other types of ransomware. Stay vigilant and keep your guard up to stay safe in the ever-evolving world of cybersecurity.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter.

You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.