• Forums
  • Our YouTube channel
  • Join our Discord!
  • ModMyForums
  • Official RSS
  • Twitter masterfeed
  • About us
  • Mobile Nations
hahaha... what

This new ransomware will encrypt your desktop files unless you play PlayerUnknown's Battlegrounds

Aloys Detey
16 Apr 2018

The rise of Battle Royale games has been steadily increasing in the past few months, and we can probably thank PlayerUnknown's Battlegrounds for that. Everybody seems to love PUBG, as it has already sold 33 Million units on PC alone in less than a year.

Some people seem to love the game so much that they create very bizarre programs, like this PUBG Ransomware that will encrypt all of your desktop files—including subdirectories—until you start playing the game "for at least an hour." This is by far one of the weirdest pieces of software we've ever written about.

The malware was first spotted by MalwareHunterTeam, explaining that the software encrypts and decrypts files using a .PUBG file extension.

Another top quality ransomware that asks you to play a game to decrypt files: "PUBG Ransomware".
Sample: https://t.co/qyEHMG2orL
Extension: .PUBG
This sample only encrypts files on desktop (including subdirectories)...@BleepinComputer @demonslay335 pic.twitter.com/5406DPbwmX

— MalwareHunterTeam (@malwrhunterteam) April 9, 2018

After encrypting your files, the malware will open a new window with clear instructions on how you can decrypt the files. It offers two options: Either you use the restore code "s2acxx56a2sae5fjh5k2gb5s2e" into the software, or you can just start playing PlayerUnknown's Battlegrounds.

As the source code below illustrates, the software will monitor your computer's running processes and check if "TslGame"—PUBG's process—is running. Although it's stated by the Ransomware that you need to play the game for an hour, you only need to have the process running for about 3 seconds until your files get decrypted.

Because the source code isn't too advanced and only checks the processes by name, another way of dealing with this Ransomware is to run any executable called TslGame.exe, and it will automatically decrypt your desktop files.

This Ransomware isn't dangerous per se, but it's definitely not something you want to install. We don't know for sure what the software is doing in the background without a deep dive into the entire code.

via BleepingComputer

  • Windows
  • PUBG
Aloys Detey

Aloys Detey

Aloys Detey is a console hacking writer at ModMy. He is primarily known for his gaming articles on a multitude of blogs and journals, but he is also a technology enthusiast who has been using Linux distros (mostly Arch) since he was 11 years old. You can find him ranting about all sorts of things on his Twitter account.

  • Jailbreak iOS
  • Root Android
  • CFW your PSVita
  • Disable macOS SIP
  • Hackintosh your PC
  • Build a Smart TV box
  • PWN your SNES
  • Android Central
  • iMore
  • Windows Central
  • CrackBerry
  • TechnoBuffalo
Log in or Sign up
  • twitter
  • facebook
  • youtube
  • Instagram
  • rss
  • discord

Brightness

  • © Future US, Inc.
  • Terms & Conditions
  • Cookie Policy
  • Privacy Policy
  • Careers
  • Licensing
  • External Links Disclosure
  • Accessibility Statement
  • © Future US, Inc.
  • Terms & Conditions
  • Cookie Policy
  • Privacy Policy
  • Careers
  • Licensing
  • External Links Disclosure
  • Accessibility Statement