Hackers running a new financially motivated campaign are using a variant of the Xortist ransomware called ‘MortalKombat’, along with the Laplas clipper in cyberattacks.
How it targets ?
Infected computers will generate a ransom note that features a wallpaper image from the game Mortal Kombat 11. The same note will demand victims contact the hackers through an instant messaging app and pay up in Bitcoin to free the computer.
As for MortalKombat, Cisco Talos says the new ransomware is based on the Xorist ransomware family, which uses a generator that allows threat actors to customize the malware. Xorist can be decrypted for free since 2016.
Talos researchers located mostly victims of the attacks in the United States, but also discovered some scattered across several countries, such as United Kingdom The Turkey and the Philippines.
Mortal Kombat ransomware
MortalKombat is a Xorist ransomware variant first discovered in January 2023, named after the popular fighting video game and featuring a ransom note/wallpaper featuring artwork from the franchise.
IOCs :
193.169.255.78 144.76.136.153 clipper.guru transfer.sh hack3dlikeapro@proton.me http://193.169.255.78/fw-apgksdtpx4hoaujjmbvdnxpohz.pdf.zip http://193.169.255.78/fw-cpgk2xfpx4hoaujjmbvdnxpohz.pdf.zip 9a5a5d50dea40645697fabc8168cc32faf8e71ca77a2ea3f5f73d1b9a57fc7b0 26d870d277e2eca955e51a8ea77d942ebafbbf3cbf29371a04a43cfe1546db17 1bf30c5c51a3533b4f0d7d3d560df691657d62374441d772f563376b55a60818 f02512e7e2950bdf5fa0cd6fa6b097f806e1b0f6a25538d3314c793998484220 63ec10e267a71885089fe6de698d2730c5c7bc6541f40370680b86ab4581a47d e5f60df786e9da9850b7f01480ebffced3be396618c230fa94b5cbc846723553
Leave A Comment