PUBG Ransomware

Posted: April 10, 2018

The PUBG Ransomware is a file-locking Trojan that encrypts its victims' files and asks them to play a game to recover them. Some versions may also offer their decryption code for free. The PUBG Ransomware is capable of damaging your media and may corrupt it beyond the hope of retrieval. Malware experts encourage protecting your media with backups and using anti-malware products for handling the removal of the PUBG Ransomware.

Trojans Getting in on the Latest Gaming Craze

Almost all of the file-locker Trojans available for malware experts' analyses employ ransoming methods that demand monetary compensation for their attacks. Nonetheless, statistical anomalies do exist, including some Trojans that hold the victim's files hostage for nothing more than making the victim play video games. The PUBG Ransomware is the newest Trojan whose only 'ransom' is gaming time, long after the Tear Dr0p Ransomware's password recognition game and the RansomMine Ransomware's unofficial Minecraft promotion.

The PUBG Ransomware may be in a debugging stage; it only locks the files on the user's desktop, instead of searching through additional directories. Any content that the PUBG Ransomware encrypts also has its name modified with a '.PUBG' extension. Malware experts aren't noting any direct similarities between the PUBG Ransomware and other families of file-locking Trojans, such as Hidden Tear or EDA2, at this time.

The PUBG Ransomware's decryptor is its most unusual feature. The Advanced HTML pop-up asks the victim to play the third-person shooter PlayerUnknown's Battlegrounds for one hour, after which it claims that their files will unlock. In reality, the PUBG Ransomware uses a simple process-detecting feature (keying off of the name of the executable file) and begins decryption as soon as it identifies that the correct process is in memory. Current builds of the PUBG Ransomware also provide a decryption code in the pop-up itself, which further suggests that the PUBG Ransomware is in mid-development.

Keeping Your Gaming Habits to Yourself

The PUBG Ransomware's ransom is much less greedy and financially harmful than those of most file-locking threats, but any non-consensual encryption is always hazardous to your documents, pictures, and other media. Users can run any file with the same name as the PUBG executable ('TslGame.exe') to trigger the PUBG Ransomware's decryption feature, or recover any data from their latest backups. However, most file-locking threats don't give their victims a free unlocking option.
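The '.PUBG' extension and desktop-only scope described above give a quick way to inventory the damage before restoring from backup. The following is an added example, not code from the original article or from the Trojan; the function names, the 'Desktop' folder name, and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

LOCKED_SUFFIX = ".pubg"  # extension named in the article; matched case-insensitively


def triage(profile_dir, desktop_name="Desktop"):
    """Walk a user profile and split '.PUBG' files into desktop / elsewhere.

    Hits outside the desktop folder do not match the build the article
    describes and deserve a closer look before restoring anything.
    """
    profile = Path(profile_dir)
    desktop = profile / desktop_name  # assumed folder name
    report = {"desktop": [], "elsewhere": []}
    for root, _dirs, files in os.walk(profile):
        for name in files:
            if not name.lower().endswith(LOCKED_SUFFIX):
                continue
            locked = Path(root) / name
            original = name[: -len(LOCKED_SUFFIX)]  # name to look for in backups
            in_desktop = desktop == locked.parent or desktop in locked.parents
            scope = "desktop" if in_desktop else "elsewhere"
            report[scope].append((locked.relative_to(profile).as_posix(), original))
    for hits in report.values():
        hits.sort()
    return report


def build_sample_profile(base):
    """Constructed sample tree; file names and contents are made up."""
    for rel in ("Desktop/report.docx.PUBG", "Desktop/photos/cat.jpg.pubg",
                "Desktop/notes.txt", "Documents/budget.xlsx",
                "Documents/archive.zip.PUBG"):
        path = Path(base) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"constructed sample")
    return base


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        return triage(build_sample_profile(tmp))


if __name__ == "__main__":
    for scope, hits in demo().items():
        print(scope, hits)
```

The second element of each pair is the file name to search for in the latest backup.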

The PUBG Ransomware uses English for its ransom note, but with sufficiently obvious grammar issues that its author is, most likely, employing a translation tool. Malware researchers have yet to see evidence of the PUBG Ransomware's strategies for infecting new victims, although the Trojan is brand-new, and may use techniques ranging from e-mail attachments to website drive-by-downloads, such as the Nebula Exploit Kit, for installing itself. Traditional anti-malware applications may, as always, find and remove the PUBG Ransomware without letting any harm come to your files.

Besides presenting users with a reason not to save their work directly to their desktops, the PUBG Ransomware also shows how con artists stay abreast of cultural phenomena. A video game with a growing player base is more likely than not to find itself referenced by Trojans like the PUBG Ransomware, in one way or another.