PUBG Ransomware Description
The PUBG Ransomware is a file-locking Trojan that asks its victims to play a game for recovering their files, which it locks behind an encryption algorithm. Some versions also may offer their decryption code for free. The PUBG Ransomware is capable of damaging your media and may corrupt it beyond the hope of retrieval, and malware experts encourage protecting your media with backups and using anti-malware products for handling the removal of the PUBG Ransomware.
Trojans Getting in on the Latest Gaming Craze
Almost all of the file-locker Trojans available for malware experts' analyses employ ransoming methods that demand monetary compensation for their attacks. Nonetheless, statistical anomalies do exist, including some forms of Trojans that hold the victim's files hostage for nothing more than making them play video games. The PUBG Ransomware is the newest Trojan whose only 'ransom' is gaming time, long after the Tear Dr0p Ransomware's password recognition game and the RansomMine Ransomware's unofficial Minecraft promotion.
The PUBG Ransomware may be in a debugging stage; it only locks the files on the user's desktop, instead of searching through additional directories. Any content that the PUBG Ransomware encrypts also has its name modified with a '.PUBG' extension. Malware experts aren't noting any direct similarities between the PUBG Ransomware and other families of file-locking Trojans, such as Hidden Tear or EDA2, at this time.
The PUBG Ransomware's decryptor is its most unusual feature. The Advanced HTML pop-up asks the victim to play the third-person shooter, PlayerUnknown's Battlegrounds, for one hour, after which it claims that their files will unlock. In reality, the PUBG Ransomware uses a simple process-detecting feature (keying off of the name of the executable file) and begins decryption as soon as it identifies that the correct process is in memory. Current builds of the PUBG Ransomware also provide a decryption code in the pop-up, itself, which further emphasizes the probability of the PUBG Ransomware's being in mid-development.
Keeping Your Gaming Habits to Yourself
The PUBG Ransomware's ransom is much less greedy and harmful financially than those of most file-locking threats, but any non-consensual encryption always is hazardous to your documents, pictures, and other media. Users can run any file with the same name as the PUBG executable ('TslGame.exe') for triggering the PUBG Ransomware's decryption feature or recover any data from their latest backups. However, most file-locking threats don't give their victims a free unlocking option.
The PUBG Ransomware uses English for its ransom note, but with sufficiently obvious grammar issues that its author is, most likely, employing a translation tool. Malware researchers have yet to see evidence of the PUBG Ransomware's strategies for infecting new victims, although the Trojan is brand-new, and may use techniques ranging from e-mail attachments to website drive-by-downloads, such as the Nebula Exploit Kit, for installing itself. Traditional anti-malware applications may, as always, find and remove the PUBG Ransomware without letting any harm come to your files.
Besides presenting users with a reason not to save their work to their desktops directly, the PUBG Ransomware also shows how the con artists stay abreast of cultural phenomena. A video game with a growing player base is more likely than not to find itself referenced by Trojans like the PUBG Ransomware, in one way or another.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to PUBG Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.