The logic of the ransomware “Mortal Kombat” differs from the classic approaches, but is built on the old phishing trick. The user receives an email purporting to be from the CoinPayments crypto exchange. It notifies the potential victim that “the payment has timed out.” The letter contains the number of a certain transaction. When you click on it, a ransomware application is downloaded to the computer, which encrypts the user’s data, or a crypto-skimmer that depletes his crypto wallet.
Cybersecurity experts from Cisco Talos note that this attack is aimed not only at private users, but also at small and large businesses. The first incidents were seen at the end of 2022. They are all united by an important detail – the hackers’ requirements are set out in a note against the background of wallpaper with scenes from the game Mortal Kombat 11. If the user wants to decrypt his data, he should agree on the cost of this service by writing to the developers of the ransomware via the qTox instant messaging service.
Another attack option could be downloading the Laplas Clipper cryptocurrency skimmer. A special algorithm imperceptibly replaces data for cryptocurrency transactions so that users transfer money to hackers, believing that they are replenishing their wallets. The largest number of incidents affected users from the United States, but the potential danger remains for everyone, regardless of region. To avoid becoming a victim of this attack, you should be more careful and abandon the practice of reading emails from unknown addresses.
