PlayerUnknown's Battlegrounds (PUBG) created quite a stir when it was launched a few months back. The game garnered almost unanimous praise and almost everyone (at least everyone here at Digit) has played the game. However, if a new ransomware has its way, you would have no other option but to play the game. Instead of asking for money to decrypt files, it reportedly tells users to play PUBG.
According to a report by Bleeping Computer, it is called the PUBG ransomware was first spotted by malwareHunterTeam. When launched, it encrypts a users files and folders on the desktop and appends the .PUBG extension to them. Once the files have been encrypted, the ransomware displays a screen that gives users two options. Either play the game for an hour, or just type in the code, ‘s2acxx56a2sae5fjh5k2gb5s2e’ to decrypt the files. So yeah… it’s more of a joke ransomware unlike its more malicious bretheren, Petya and WannaCry.
The ransom screen states, “Your files is encrypted by PUBG Ransomware! but don't worry! It is not hard to unlock it. I don't want money! Just play PUBG 1Hours!”
According to the BleepingComputer’s report, the PUBG Ransomware checks to see if the users is playing PUBG by monitoring the one of the processes named ‘TslGame’. It also adds that even though the ransom note asks the user to play for an hour, it will reportedly decrypt the files after running the executable for three seconds. The report also adds that since the ransomware isn’t too advanced, running any executable for called ‘TslGame.exe’ should decrypt the files. Although most gamers would agree that playing the game would be more fun.
Check out our first impressions of PUBG on mobile here.
Another top quality ransomware that asks you to play a game to decrypt files: "PUBG Ransomware".
This sample only encrypts files on desktop (including subdirectories)...@BleepinComputer@demonslay335pic.twitter.com/5406DPbwmX — MalwareHunterTeam (@malwrhunterteam) April 9, 2018