This New Ransomware Will Hold Your Files Captive Until You Play PUBG
Normally when you think about ransomware you think about something clearly malicious such as Petya and others. You could get your files back if infected with Petya, but the hackers wanted $300 in bitcoin to do it. A new kind of ransomware, however, is making the rounds and this variant is based on the game PUBG (Player Unknown's Battlegrounds), of all things. PUBG is a battle royale style game that is played online in large multiplayer formats, and all this PUBG Ransomware wants you to do is play the game for an hour. Not so bad, right? Well, it is still ransomware.
The ransomware was discovered by MalwareHunterTeam and like other ransomware attacks, PUBG Ransomware will encrypt all your files and folders and it appends the. PUBG extension to them. After the malware finishes the encryption process, it shows the screen pictured below and gives the victim two ways to decrypt the files. The only good news is neither involves giving a crook your money.
If you aren’t the sort into playing games, the attacker gives you the restore key right on the screen. All the user needs to do is enter that code and click restore. Reports indicate that you don’t even need to play the game for a full hour. The ransomware looks for a process called TslGame and if you run that executable for a scant three seconds, your content is automatically decrypted.
The ransomware tool isn’t so advanced that it cares if you actually play the game, running any executable called TslGame.exe will decrypt the files. Clearly, the person or persons behind the PUBG Ransomware meant this as a joke, but it's sure to annoy just about anyone who is infected with it.
The same MalwareHunterTeam are the folks who found the RensenWare malware back in 2017 that required you to play the TH12 game and score .2 billion points to recover files. It's unclear exactly how PUBG Ransomware is proliferating at this time.