Bitdefender has released a free universal decryptor for MortalKombat, a nascent file-encrypting malware that emerged in January 2023. MortalKombat is based on a commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in the U.S., the Philippines, the U.K., and Turkey. A decryptor for Xorist was made available by Emsisoft in May 2016.
MortalKombat notably was deployed in recent attacks mounted by an unnamed financially motivated threat actor as a part of a phishing campaign aimed at a wide range of organizations. "MortalKombat encrypts various files on the victim machine's filesystem, such as system, application, database, backup, and virtual machine files, as well as files on the remote locations mapped as logical drives in the victim's machine," Cisco Talos disclosed earlier this month. Although the ransomware does not exhibit wiper behavior or delete volume shadow copies, it corrupts Windows Explorer, disables the Run command window, and removes all applications and folders from Windows startup.