PlayerUnknown’s Battlegrounds – popularly known as PUBG – has grown so popular that there is now ransomware for it. This new ransomware encrypts your files, and will decrypt only when you agree to play PUBG, according to the MakwareHunter Team, who first discovered this PUBG ransomware.
As absurd it may sound, the software pops out the following message after encrypting the files and folders on the desktop of the user. “Your files is encrypted by PUBG Ransomware! but don’t worry! It is not hard to unlock it. I don’t want money! Just play PUBG 1Hours!” The message is pretty straightforward. PUBG Ransomware is just asking the user to play the game for one hour straight to unlock the files.
Another top quality ransomware that asks you to play a game to decrypt files: "PUBG Ransomware".
Sample: https://t.co/qyEHMG2orL
Extension: .PUBG
This sample only encrypts files on desktop (including subdirectories)…@BleepinComputer @demonslay335 pic.twitter.com/5406DPbwmX— MalwareHunterTeam (@malwrhunterteam) April 9, 2018
It must be noted that likely the PUBG fan who created the malware, is also generous enough to share a decryption code for those who really are not into the game or their PC is not configured to run it. Playing PUBG requires top notch configurations, and all the PCs are not fitted with a Nvidia GeForce GTX 960 or equivalent.
Bleeping Computer notes that the PUBG ransomware is basic software. The software scans for “TslGame” and decrypts all the encrypted files if TslGame runs for more than three seconds.. Though the ransomware states that the game needs to be played for an hour, it starts decrypting the files even before gamers exit the PUBG splash page. Also, the PUBG ransomware is so basic that a tech savvy user can easily dupe it by renaming an executable as TslGame.exe.
Nevertheless, there is no information on the motive behind this PUBG ransomware. If it was really intended to force the gamers to play PUBG, then why give the decryption key. It could be that the PUBG ransomware has some hidden motives that we still can’t see. For now, there are no answers to these mysteries; we can only hope that the hacker will come forward to detail their objective.
Ransomware are becoming more common nowadays. According to Verizon’s 2018 Data breach Investigations Report (DBIR), ransomware attacks have surged two times over the past year. In a statement, Bryan Sartin, executive director of security professional services at Verizon, said, “[Ransomware] is now the most prevalent form of malware, and its use has increased significantly over recent years.”
Verizon analyzed over 53,000 security incidents, including 2,215 breaches, to conclude that ransomware attacks account for 39% of the malware specific incidents. More interesting is the fact that most businesses are still not beefing up the appropriate security measures around their workstations to keep ransomware at bay.
Cyber miscreants are highly fond of ransomware for its capability of targeting critical business systems to harm a company and generate profit from it. Also, ransomware involves little or no risk and no cost to the hackers. Ramsomware has also evolved with time to attack the servers and not just the PCs.
According to Verizon, the hackers go for servers because they are aware of the fact that encrypting the file on the server or database can be more effective than doing so on a single device. “Lateral movement and other post-compromise activities often reel in other systems that are available for infection and obscuration,” Verizon says.
Last year, WannaCry ransomware came as the biggest attack infecting more than 300,000 systems across 150 countries and demanded a ransom of $300 each for decrypting the files. Also, NotPetya, which scrambled master boot records, demanded Bitcoin as the primary form of the ransom payment.
In October 2017, there was a ransomware campaign, BadRabbit, which infected the security industry. The ransomware showcased the level of damage attackers could do when they targeted infrastructure rather than merely desktops. The campaign – linked to Russian telebots – was launched through malware on websites in Russia, Eastern Europe and Ukraine. Critical web properties and infrastructure in Ukraine was hit the most.
In a separate development, Microsoft has announced the new Xbox Live Gold Free Play Days game for the Xbox One. According to the company, PUBG would be available to download and play from April 19 to 22 completely free. It would be the full Xbox Game preview version of the game, including all modes: Solo, Duo and Squads. Also, all the battle points earned during the free weekend will be carried forward if the player wants to buy it outright.
For the Xbox One, the free play would be available from 12:01 a.m. PT on April 19 and ends at 11:59 p.m. on April 22. The game would be available in the Gold Member area of the Xbox Live dashboard implying that the user should have an Xbox Live Gold membership.
