Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

March 1, 2023

Wednesday

A new decryptor for MortalKombat ransomware restores your files without cost.

A free MortalKombat ransomware decryptor has been made available by cybersecurity company Bitdefender so that victims can recover their files without paying a ransom.


A working decryptor became available very soon after the strain first appeared in January 2023, when Cisco Talos stated that it was primarily targeting systems in the United States.


Distributors of MortalKombat send unsolicited emails with malicious ZIP attachments that contain BAT loader scripts.


The Laplas Clipper and ransomware binaries are downloaded and run on the computer when the script is executed.


It was most likely cracked so quickly because MortalKombat is based on the popular Xorist ransomware family, which has been broken since 2016.


As a standalone executable, the MortalKombat decryptor doesn’t need to be installed on infected devices. The user also has the option to specify a location for encrypted backup data.

The decryptor can search the entire filesystem for MortalKombat-infected files.


The software also helps users to create a backup of encrypted files in case something goes wrong during the decryption procedure so they don’t end up with corrupted and irrecoverable data.


SCARLETEEL hackers employ cutting-edge cloud technologies to steal data and source code

A sophisticated hacking operation known as “SCARLETEEL” targets public-facing web apps running in containers in order to access cloud services and steal sensitive data.

Cybersecurity intelligence company Sysdig found SCARLETEEL while investigating an incident in one of their clients’ cloud systems.

The hackers demonstrated advanced knowledge of AWS cloud mechanics, which they exploited to move deeper into the company’s cloud architecture while deploying crypto miners in the compromised cloud environments.

To launch the SCARLETEEL attack, the attackers first took advantage of a vulnerable public-facing service in a self-managed Kubernetes cluster running on Amazon Web Services (AWS).

Once the attackers gained access to the container, they downloaded an XMRig coin miner, which is thought to serve as a decoy, as well as a script to steal the Kubernetes pod’s credentials.

The stolen credentials were then used to make AWS API requests in order to create backdoor users and groups in the company’s cloud environment, steal further credentials, or gain persistence. The cloud environment was then used to disseminate these accounts further.

Attackers might also be able to access Lambda data such as functions, configurations, and access keys depending on how the AWS cluster role is configured.
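A defender-side check for the activity described above, as an added example that is not from Sysdig or the original article: it scans CloudTrail-style records for IAM calls that create or empower users and groups when the caller is a role session belonging to a workload. The role names, account ID and sample records are constructed, and the set of workload roles is an assumption the defender supplies.

```python
import re
# IAM calls that create or empower identities; workload roles rarely need them.
PERSISTENCE_CALLS = {
    "CreateUser", "CreateGroup", "CreateAccessKey", "CreateLoginProfile",
    "AddUserToGroup", "AttachUserPolicy", "AttachGroupPolicy",
}
ASSUMED_ROLE = re.compile(r":assumed-role/([^/]+)/([^/]+)$")  # role, session name
# Sessions issued through an EC2 instance profile are named after the instance ID.
INSTANCE_ID = re.compile(r"i-[0-9a-f]{8,17}")

def find_backdoor_activity(records, workload_roles):
    """Flag IAM persistence calls made with workload (role) credentials."""
    findings = []
    for rec in records:
        ident = rec.get("userIdentity", {})
        m = ASSUMED_ROLE.search(ident.get("arn", ""))
        if (rec.get("eventSource") != "iam.amazonaws.com"
                or rec.get("eventName") not in PERSISTENCE_CALLS
                or ident.get("type") != "AssumedRole" or not m):
            continue
        role, session = m.groups()
        from_instance = INSTANCE_ID.fullmatch(session) is not None
        if role in workload_roles or from_instance:
            findings.append({
                "call": rec["eventName"], "role": role, "session": session,
                "from_instance": from_instance, "source_ip": rec.get("sourceIPAddress"),
                "denied": "errorCode" in rec,  # failed attempts are still a signal
            })
    return findings

def _event(name, arn, itype="AssumedRole", source="iam.amazonaws.com", **extra):
    """Build a constructed CloudTrail-style record (sample data, not real logs)."""
    return {"eventSource": source, "eventName": name, "sourceIPAddress": "203.0.113.7",
            "userIdentity": {"type": itype, "arn": arn}, **extra}

STS = "arn:aws:sts::111122223333:assumed-role/"  # constructed account ID
NODE = STS + "k8s-node-role/i-0123456789abcdef0"
SAMPLE = [
    _event("CreateUser", NODE),
    _event("CreateAccessKey", NODE, errorCode="AccessDenied"),
    _event("GetObject", NODE, source="s3.amazonaws.com"),
    _event("CreateUser", "arn:aws:iam::111122223333:user/admin", itype="IAMUser"),
    _event("AttachUserPolicy", STS + "app-pod-role/web-1"),
    _event("CreateGroup", STS + "AdminSSO/alice"),
]

if __name__ == "__main__":
    for finding in find_backdoor_activity(SAMPLE, workload_roles={"app-pod-role"}):
        print(finding)
```

Denied calls are reported as well, since a workload role that is refused `CreateAccessKey` was still asked to do something it has no reason to attempt.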


Ransomware attack behind multi-day outage confirmed by Dish Network


The multi-day network and service disruption that began on Friday has finally been linked to a ransomware attack, according to satellite broadcaster and TV juggernaut Dish Network.

According to The Verge, Dish Network initially attributed the network and service disruption to VPN problems. But, as BleepingComputer first reported, a note written internally to Dish staff members that we saw indicated that the disruption “was caused by an outside bad actor, a recognized threat agent.”

Dish Network stated today that it “found that the interruption was due to a cyber-security incident and contacted appropriate law enforcement authorities” in an 8-K form it filed with the U.S. Securities and Exchange Commission (SEC).

The corporation went on to say that the material filed related to its “expectations regarding its capacity to contain, assess, and remediate the ransomware assault as well as the impact of the ransomware attack on the Corporation’s employees, customers, business, operations, or financial performance.”

Dish Network also acknowledged that the threat actors obtained information (possibly including personal data) from its breached networks, but it did not specify whether the information belonged to its staff, clients, or both.

A New EX-22 Tool Empowers Hackers to Launch Covert Ransomware Strikes Against Businesses

EXFILTRATOR-22 (also known as EX-22), a new post-exploitation framework, has surfaced in the wild with the aim of spreading ransomware across business networks without drawing attention to itself.

Its significant capabilities include creating a reverse shell with elevated permissions, uploading and downloading data, recording keystrokes, launching ransomware to encrypt files, and opening a live VNC (Virtual Network Computing) session for immediate access.

Moreover, it can survive system restarts, move laterally using a worm, view processes, create cryptographic hashes of data, and extract authentication tokens.

The cybersecurity company assessed with a moderate degree of certainty that the threat actors behind the malware are based in North, East, or Southeast Asia and are most likely former members of the LockBit ransomware operation.

EX-22 is marketed as completely undetectable malware and is advertised on Telegram and YouTube for $1,000 per month or $5,000 for lifetime access.

Criminal actors who purchase the toolkit are given access to a login panel so they can log in to the EX-22 server and remotely manage the malware.
