Cybersecurity researchers Bitdefender have released a new decryptor for the MortalKombat ransomware (opens in new tab) which can help save your precious files, free of charge.
Available from the Bitdefender website now (opens in new tab), the decryptor was released just over a month after security experts first started reporting on MortalKombat. In January 2023, Cisco Talos reported on threats targeting victims in the United States, casting a wide net to target random users with malicious emails carrying a .ZIP attachment with a BAT loader script.
The victims that run the script end up downloading and running both the ransomware binary and the Laplas Clipper, BleepingComputer explained, adding that the speed at which the MortalKombat decryptor was published could be due to the fact that it is based on Xorist, a commodity ransomware allegedly decryptable since 2016.
Backing up encrypted files
To run the decryptor, the victims don’t need to install it on the affected endpoints, as it’s a standalone executable. It also backs up all of the files before trying to decrypt them, to be on the safe side in case the decryption process fails for any reason. Furthermore, the decryptor can replace previously decrypted files, and can be executed from the command line which should help IT teams managing large networks run automated decryptions.
> What is ransomware and how does it work? (opens in new tab)
> The 10 worst ransomware attacks ever (opens in new tab)
> These are the best firewalls right now (opens in new tab)
Ransomware is one of the most devastating forms of malware, and also one that is the quickest to evolve and introduce new things.
To protect against ransomware threats, businesses should first educate their employees on the dangers of phishing and social engineering, as those are the usual first steps leading up to a ransomware infection. Furthermore, having a strong antivirus solution, a firewall, and a backup, is highly recommended.
- Here's our list of the best endpoint protection (opens in new tab) services today
Via: BleepingComputer (opens in new tab)