MortalKombat Ransomware Used in Recent Campaign
Feb 24, 2023 1:57:55 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Cryptocurrency, Laplas Clipper, MortalKombat, Xorist
Related Families: Xorist, Laplas Clipper
Executive Summary
Cisco Talos recently reported on threat actor activity leveraging MortalKombat ransomware and Laplas Clipper. MortalKombat encrypts files on the infected machine and drops a ransom note instructing victims on how to pay the ransom to recover their files.
Key Takeaways
Mars Stealer Malware Targeting Crypto
Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer
Executive Summary
A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.
Key Takeaways
PennyWise Infostealer Targets Crypto and Browsers
Jul 28, 2022 12:21:07 PM / by PolySwarm Tech Team posted in Threat Bulletin, Infostealer, Cryptocurrency, PennyWise, YouTube
Executive Summary
Cyble recently reported on PennyWise, an infostealer targeting crypto and browsers. PennyWise uses YouTube videos to bait victims into installing what they believe to be Bitcoin mining software.
Cryware Targets Crypto Wallets
May 27, 2022 12:34:55 PM / by PolySwarm Tech Team posted in Cryptocurrency, Cryware, Keylogging, Memory Dumping, Clipping & Switching, Crypto Wallet
Background
Microsoft recently reported on “cryware”, information stealers that target non-custodial cryptocurrency wallets, or hot wallets.
Lazarus Group Targets Crypto With TraderTraitor
Apr 25, 2022 11:26:42 AM / by PolySwarm Tech Team posted in Threat Bulletin, North Korea, Lazarus Group, TraderTraitor, Cryptocurrency