MortalKombat is a new ransomware family that was discovered by Talos earlier this year. It was generated with the leaked builder for Xorist, a ransomware family that has been in existence since 2016. MortalKombat has been used by an unidentified threat actor since December 2022 to target individuals and smaller companies. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge, and then encrypts critical system data, rendering the affected system inoperable.
The MortalKombat ransomware is particularly notable for its focus on cryptocurrency wallets, aiming to either steal or demand payments in virtual currency. It has been deployed alongside another malware called Laplas Clipper in a financially motivated campaign. The Laplas Clipper malware is a clipboard stealer designed to trick victims into performing fraudulent cryptocurrency transactions. This dual attack strategy allows the threat actors to extort money from victims by offering a decryptor for the encrypted files and simultaneously hijacking crypto transactions.
The emergence of MortalKombat, along with other new ransomware families such as RA Group, RTM Locker, ESXiArgs, and Chaos 4, represents a continued evolution of cyber threats. These malware campaigns have also started to use ZIP archives as a method of deployment, further expanding their potential impact. However, there is some hope for those affected: researchers have released a MortalKombat ransomware decryptor, offering a possible solution to users whose systems have been compromised.
Description last updated: 2024-05-04T16:43:59.966Z