Malware Wiki

Mamba Ransomware

1,335pages on
this wiki
Add New Page
Comments0 Share

Mamba is a new strain of ransomware that was discovered in September of 2016. It is a Windows based application that was found on the hard drives of computers in Brazil, India, and the United States originally by Morphus Labs, an IT security firm based in Brazil. It spreads through phishing emails.


Mamba acts very differently to the ransomware that was previously known, and is similar in operation only to Petya. Programs such as Cryptolocker, or Locky, would only encrypt files before asking for a payment, while Mamba encrypts the entire hard drive and overwrite the MBR.

Victims of this infection will find their computers booting to a screen asking for a password, which is the decryption key. The screen also contains a ransom note, asking the user for a payment of 1 bitcoin, along with an ID number generated for the computer and an email at which to request the key.

Unlike Petya, Mamba uses an open source disk encryption tool called DiskCryptor.


Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.