PUBG Ransomware

Posted: April 10, 2018

PUBG Ransomware Description

The PUBG Ransomware is a file-locking Trojan that asks its victims to play a game for recovering their files, which it locks behind an encryption algorithm. Some versions also may offer their decryption code for free. The PUBG Ransomware is capable of damaging your media and may corrupt it beyond the hope of retrieval, and malware experts encourage protecting your media with backups and using anti-malware products for handling the removal of the PUBG Ransomware.

Trojans Getting in on the Latest Gaming Craze

Almost all of the file-locker Trojans available for malware experts' analyses employ ransoming methods that demand monetary compensation for their attacks. Nonetheless, statistical anomalies do exist, including some forms of Trojans that hold the victim's files hostage for nothing more than making them play video games. The PUBG Ransomware is the newest Trojan whose only 'ransom' is gaming time, long after the Tear Dr0p Ransomware's password recognition game and the RansomMine Ransomware's unofficial Minecraft promotion.

The PUBG Ransomware may be in a debugging stage; it only locks the files on the user's desktop, instead of searching through additional directories. Any content that the PUBG Ransomware encrypts also has its name modified with a '.PUBG' extension. Malware experts aren't noting any direct similarities between the PUBG Ransomware and other families of file-locking Trojans, such as Hidden Tear or EDA2, at this time.

The PUBG Ransomware's decryptor is its most unusual feature. The Advanced HTML pop-up asks the victim to play the third-person shooter, PlayerUnknown's Battlegrounds, for one hour, after which it claims that their files will unlock. In reality, the PUBG Ransomware uses a simple process-detecting feature (keying off of the name of the executable file) and begins decryption as soon as it identifies that the correct process is in memory. Current builds of the PUBG Ransomware also provide a decryption code in the pop-up, itself, which further emphasizes the probability of the PUBG Ransomware's being in mid-development.

Keeping Your Gaming Habits to Yourself

The PUBG Ransomware's ransom is much less greedy and harmful financially than those of most file-locking threats, but any non-consensual encryption always is hazardous to your documents, pictures, and other media. Users can run any file with the same name as the PUBG executable ('TslGame.exe') for triggering the PUBG Ransomware's decryption feature or recover any data from their latest backups. However, most file-locking threats don't give their victims a free unlocking option.

The PUBG Ransomware uses English for its ransom note, but with sufficiently obvious grammar issues that its author is, most likely, employing a translation tool. Malware researchers have yet to see evidence of the PUBG Ransomware's strategies for infecting new victims, although the Trojan is brand-new, and may use techniques ranging from e-mail attachments to website drive-by-downloads, such as the Nebula Exploit Kit, for installing itself. Traditional anti-malware applications may, as always, find and remove the PUBG Ransomware without letting any harm come to your files.

Besides presenting users with a reason not to save their work to their desktops directly, the PUBG Ransomware also shows how the con artists stay abreast of cultural phenomena. A video game with a growing player base is more likely than not to find itself referenced by Trojans like the PUBG Ransomware, in one way or another.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to PUBG Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

Home Malware Programs Ransomware PUBG Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.