Crypto investors face a new malware threat that has been stealing their digital assets since December 2022. According to cybersecurity firm Cisco Talos, MortalKombat ransomware and Laplas Clipper malware are responsible for the attacks.
The two malicious files actively scour the internet and are designed to detect wallet addresses stored on the user’s clipboard. Once detected, the malware replaces the address with a different one, allowing the attacker to receive the stolen cryptocurrencies. The majority of victims are based in the United States, with others located in the United Kingdom, Turkey, and the Philippines.
How the Malware Works
The malware is delivered via a cryptocurrency-themed email containing a malicious attachment. Once the attachment is opened, the malware downloads and executes the ransomware, encrypting the user’s files and dropping a ransom note with payment instructions.
The malware has been successful due to the user’s inattentiveness to the sender’s wallet address, which means that both individuals and small and large organizations have fallen victim to the attack.
Ransom Notes and Download Links
Victims of the MortalKombat ransomware have shared ransom notes, revealing the download links (URLs) associated with the attack campaign. One link reaches an attacker-controlled server based in Poland, which is running an RDP crawler and scanning the internet for exposed RDP port 3389.
Protecting Against the Attack
Investors can proactively protect their financial well-being by ensuring that they perform extensive due diligence before investing and by verifying the official source of all communications. To keep crypto assets safe, investors should read Cointelegraph Magazine’s article on the topic.
Decline in Ransomware Revenues
While the new malware threat is worrying for investors, on the flip side, ransomware revenues for attackers have plummeted by 40% to $456.8 million in 2022. This decline is due to ransomware victims increasingly refusing extortion demands.
Chainalysis, the blockchain analytics firm, has revealed that the figures don’t necessarily mean the number of attacks is down from the previous year.
Crypto investors face new malware threats that can lead to the loss of their digital assets. By staying vigilant and taking steps to protect their investments, they can prevent these attacks from causing harm. As always, it is essential to perform due diligence before investing and to verify the source of all communications.