PUBG ransomware decrypts files when victim plays PUBG

Ransomware trojans plague computer users with ever new encryption tricks and infection tactics. But a piece of malware called "PUBG Ransomware" takes a very unusual approach: the encrypted data is restored as soon as the victim plays the computer game PlayerUnknown's Battlegrounds (PUBG for short). In other words, it is joke ransomware.

The PUBG ransomware was discovered by the security researchers of MalwareHunterTeam. The trojan encrypts all files on the desktop, gives them the extension ".PUBG" and displays a ransom note: "Your files, images, music, documents are Encrypted!". But then the author writes that you shouldn't worry, because he doesn't want any money. Instead, he offers two options for decryption: either you play PUBG for 7 hours, or you simply enter the restore code "s2acxx56a2sae5fjh5k2gb5s2e" in the field provided for this purpose in the pop-up.

According to an analysis by the security blog Bleeping Computer, the PUBG ransomware is also not very sophisticated. To check whether the victim is actually playing PUBG, it simply looks for the name of the PUBG executable in the process list. It would therefore be sufficient to run any EXE file with the name "TslGame.exe". The security researchers have not specified how the PUBG ransomware spreads.
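The check described above looks only at the executable's name, and the same weakness affects allowlists and detection rules keyed on process image name. The following added example (not code from the ransomware or from Bleeping Computer's analysis) contrasts a name-only match with one that also verifies install directory and file hash; the `Proc` record, the paths and the hashes are constructed assumptions.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

TARGET_IMAGE = "TslGame.exe"  # process name given in the article

@dataclass(frozen=True)
class Proc:  # hypothetical process-snapshot record
    pid: int
    image_path: str  # full path of the running executable
    sha256: str      # hash of that file on disk

def name_only_match(procs, target=TARGET_IMAGE):
    """Weak check as described in the article: compare the image name only."""
    return [p for p in procs
            if PureWindowsPath(p.image_path).name.lower() == target.lower()]

def verified_match(procs, trusted_dirs, trusted_hashes, target=TARGET_IMAGE):
    """Stronger identity: name AND install directory AND known file hash."""
    hits = []
    for p in name_only_match(procs, target):
        parent = PureWindowsPath(p.image_path).parent
        # PureWindowsPath equality is case-insensitive, like Windows paths.
        in_trusted_dir = any(parent == PureWindowsPath(d) for d in trusted_dirs)
        if in_trusted_dir and p.sha256 in trusted_hashes:
            hits.append(p)
    return hits

def renamed_lookalikes(procs, trusted_dirs, trusted_hashes):
    """Processes that pass the name check but fail verification."""
    verified = set(verified_match(procs, trusted_dirs, trusted_hashes))
    return [p for p in name_only_match(procs) if p not in verified]

# Constructed sample snapshot: paths and hashes are placeholders, not real values.
GENUINE_HASH = "a" * 64
TRUSTED_DIRS = [r"C:\Games\PUBG"]
SNAPSHOT = [
    Proc(101, r"C:\Games\PUBG\TslGame.exe", GENUINE_HASH),
    Proc(202, r"C:\Users\alice\Desktop\TslGame.exe", "b" * 64),  # same name only
    Proc(303, r"C:\Windows\System32\notepad.exe", "c" * 64),
]

if __name__ == "__main__":
    print("name only :", [p.pid for p in name_only_match(SNAPSHOT)])
    print("verified  :", [p.pid for p in
                          verified_match(SNAPSHOT, TRUSTED_DIRS, {GENUINE_HASH})])
    print("lookalikes:", [p.pid for p in
                          renamed_lookalikes(SNAPSHOT, TRUSTED_DIRS, {GENUINE_HASH})])
```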

Earlier joke ransomware claimed high scores

Bleeping Computer also reports previous cases of joke ransomware. In April 2017, for example, a trojan called RensenWare made the rounds, in which the victim had to achieve a certain high score in the game TH12 ~ Undefined Fantastic Object in order to decrypt their files. The developer used this joke malware to infect his own computer, true to the motto: "Sorry boss, I can't work today - here is ransomware that says I have to play".

April 10, 2018 by Manuel Medicus