Rensenware Ransomware

Posted: April 10, 2017
Threat Metric
Threat Level: 10/10
Infected PCs 84

Rensenware Ransomware Description

The Rensenware Ransomware is a Trojan that locks your files with an encryption algorithm until you reach a specified high score in an accompanying video game. Although its ransoming demand is less expensive than those of most, similar Trojans, the Rensenware Ransomware still is a threat to your files. Use backups or the free software recommended in this article to recover any encoded content and remove the Rensenware Ransomware with any standardized anti-malware product.

Shoot-'Em-Up to Shoot Trojans Down

The early days of threatening software often were steeped in the idle mischief of compromising PCs for amusement, rather than money. While the threat marketplace has undergone a swerve towards profit, since that time, at least one programmer still has an interest in programming Trojans 'the old-fashioned way.' His project, the Rensenware Ransomware, leverages file-encrypting attacks, not for making ransom money, but for forcing the victim to play a video game.

The original versions of the Rensenware Ransomware encrypt files on your PC, such as documents, to block you from being able to open them, similar to the attacks of the Crysis Ransomware, Troldesh or Hidden Tear. When it finishes encrypting that content, the Rensenware Ransomware loads a pop-up window displaying a character from the 'Touhou' spaceship-shooter franchise, along with an explanation of its demands. Instead of requesting money to have their files unlocked with the built-in decryptor feature, the Rensenware Ransomware asks its victims to beat a high score in the game on the 'Insane' difficulty setting.

Upon an initial look, the above conditions may seem trivial, compared to the Bitcoin ransoms of up to thousands of dollars that malware experts see in competing Trojans. However, the 'bullet hell' genre that Touhou belongs to is notorious for its severe difficulty, potentially putting the decryptor out of the reach of all but the most experienced players. Malware experts do note that the Rensenware Ransomware doesn't include any anti-cheat functionality, meaning that interested users could 'trick' the Trojan by editing the relevant memory values directly.

Declaring a Ceasefire in Video Game Warfare

In addition to being a throwback to the entertainment-oriented days of threatening software, the Rensenware Ransomware also is a rarity for being the product of a repentant threat actor. Its author has modified versions of the threat available publicly to exclude the encryption attack, in addition to providing a custom utility for triggering the Rensenware Ransomware's decryption via brute force. Some third-party game cheat resources also can provide working solutions, although malware experts recommend avoiding downloads of illicit software, particularly through unsafe resources like torrent networks.

The Rensenware Ransomware never was meant to be distributed in the wild. However, the threat industry is rife with examples of open-source Trojans having their code hijacked and abused for worse purposes than were intended originally, as readers can see with the variants of Hidden Tear and EDA2. Backups are the most guaranteed way of preventing Trojans with file-encrypting payloads from causing any harm that you can't resolve without fulfilling the ransom demands inevitably. Professional anti-malware protection also can preempt the encryption attack by removing the Rensenware Ransomware before it.

Compared to its more profit-oriented competitors, the Rensenware Ransomware's extortion preference is one of the most remarkable to date, but its method of taking your files hostage is anything but unusual. The long-term safety of your media is anything but a game, and relatively few gamers should feel comfortable with needing to beat an arbitrary score in a space shooter to reacquire their media.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Rensenware Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Home Malware Programs Ransomware Rensenware Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.