MortalKombat ransomware victims can now decrypt their files for free

Romanian cybersecurity agency Bitdefender has launched a free decryption instrument for MortalKombat, a month-to-month ransomware pressure concentrating on predominantly cryptocurrency customers.

MortalKombat, named after the favored online game collection, was initially observed By Cisco Talos researchers in January. The researchers mentioned the financially motivated gang used the ransomware to steal cryptocurrency from victims in the US, United Kingdom, Philippines and Turkey.

MortalKombat ransomware is commonly unfold through phishing emails, the place attackers impersonate CoinPayments, a professional world cryptocurrency cost gateway. As soon as put in on the sufferer’s machine, the malware searches for cryptocurrency wallets on the machine and displays the pc’s clipboard for pockets addresses. If a pockets deal with is discovered, the deal with is distributed to the attacker’s server and changed with an attacker-controlled deal with as a way to hijack future transactions.

Regardless of being lively for just a few months, Bitdefender on Tuesday announced That it has launched a free decryptor for MortalKombat and permits ransomware victims to decrypt their encrypted information totally free.

Bitdefender instructed TechCrunch that it has additionally noticed MortalKombat since January, however the extent of the menace is unknown.

“That is an rising piece of ransomware that’s nonetheless being distributed on the time of writing,” Bogdan Botezatu, Bitdefender menace analysis and reporting director, instructed TechCrunch. “At this level we do not have sufficient knowledge to estimate the magnitude of the assault. As soon as the present sufferer pool downloads the instrument and fixes infections, we can present extra knowledge on victimization and geographic distribution.”

Botezatu added that it is also unclear how a lot power the hackers behind MortalKombat took from their victims. “After the encryption course of is full, there isn’t a upfront cost,” mentioned Botezatu. As an alternative, the sufferer is instructed to obtain an encrypted chat consumer known as qTox and phone the operator to barter a Bitcoin cost. We imagine the ransom demanded varies from an infection to an infection relying on how vital the ransom knowledge is to the person or enterprise.”

Bitdefender declined to say the way it obtained the keys to create the MortalKombat decryptor or whether or not it was backed by legislation enforcement.

The cybersecurity firm has launched 32 decryptors up to now, together with these for GandCrab, Darkside, LockerGoga, MegaCortex, and REvil, and estimates that this has helped save ransomware victims a complete of about $1.6 billion.

Learn extra: