A new ransomware associated with PlayerUnknown’s Battlegrounds (PUBG) is seemingly just a joke, as no money is demanded to release your files.
Many types of computer viruses or ‘malware’ can make life impossible if you don’t take care when using the Internet or your computer is not adequately protected. From spyware to Trojans or requests urging you to make Bing your default search engine whenever you update Skype (well, the latter is not a virus, though you still have to take care). Yet ransomware is more popular than ever due to the opportunities it offers for making money. One case in particular, which forces victims to play PlayerUnknown’s Battlegrounds (PUBG), says a lot about the creativity of today’s criminals.
As a general rule, ransomware is not something to be taken lightly. When all’s said and done, it’s a virus. The main difference however, with other types of malware is that it doesn’t destroy data, it encrypts it, or in other words, it ‘kidnaps’ the files of the victim. Those behind these attacks simply need to provide the password in order to return the system back to normal after they have got what they were after. You may remember in fact that little more than a year ago, the ransomware WCry or WannaCry shook the world and jeopardized thousands of computers, though the case in hand involving the game PUBG is not on that scale.
The existence of this virus came to light thanks to the efforts of the MalwareHunterTeam, and its main feature is that it encrypts all files and folders on a desktop, adding the extension .PUBG, in order to “force” you to play PlayerUnknown’s Battlegrounds for an hour. I say “force” in inverted commas because the ransomware also makes it clear that you can enter a code in a corresponding box in order to return the system to normal. As such, it would seem that the malware is just a harmless joke.
Specifically, the message that aims to persuade you to rescue your hijacked data says, in poor English, that PUBG Ransomware has encrypted your files. It is made clear however, that you need not worry as nobody is after your money, and that your files can be decrypted simply by playing PlayerUnknown’s Battlegrounds for an hour or by entering a code you are given.
So, if you don’t feel like playing PUGB, you can just enter a series of numbers. Digging deeper into the code to see how it detects whether or not you are playing the game, MalwareHunterTeam’s experts have revealed that it simply monitors whether the TS1Game file (the executable that starts the game itself) has been launched or not.
Also, it is possible to avoid this particular ransomware without having to follow the instructions and play for an hour, by renaming any other file as TS1Game.exe and running it, as it only requires three seconds to detect that the action has been satisfactorily completed.
Once the requirement has been met, either using this simple trick or by directly playing PUBG (because you may feel like playing for a while anyway), the ransomware automatically decrypts the hijacked files and lets you go about your business, or perhaps play Fortnite, the competitor of PlayerUnknown’s Battlegrounds.
This is not the first time that this kind of virus associated with a video game has appeared. In 2017, there was another with a similar modus operandi, but with the difference that no code was given to bypass it and that the objective was to get a certain score in a very difficult shoot-em-up game.
Nevertheless, the security of your systems is not something to play with, and even apparently harmless jokes can end up embedding secretive Trojans that activate a few months later. Better to play video games in the conventional way and not through threats that could be infecting your computer.