
PUBG Ransomware Decrypts Your Files If You Play PlayerUnknown's Battlegrounds (bleepingcomputer.com) 51
An anonymous reader quotes Bleeping Computer:
In what could only be a joke, a new ransomware has been discovered called "PUBG Ransomware" that will decrypt your files if you play the game called PlayerUnknown's Battlegrounds... When the PUBG Ransomware is launched it will encrypt a user's files and folders on the user's desktop and append the .PUBG extension to them. When it has finished encrypting the files, it will display a screen giving you two methods that you can use to decrypt the encrypted files.
Users can unlock it either by entering a secret unlock code displayed on the screen -- or by playing PlayerUnknown's Battlegrounds. The ransomware checks to see if you played PlayerUnknown's Battlegrounds by monitoring the running processes for one named "TslGame"... Once a user plays the game and the process is detected, the ransomware will automatically decrypt the victim's files. This ransomware is not too advanced as it only looks for the process name and does not check for other information to confirm that the game is actually being played. That means you can simply run any executable called TslGame.exe and it will decrypt the files.
Users can unlock it either by entering a secret unlock code displayed on the screen -- or by playing PlayerUnknown's Battlegrounds. The ransomware checks to see if you played PlayerUnknown's Battlegrounds by monitoring the running processes for one named "TslGame"... Once a user plays the game and the process is detected, the ransomware will automatically decrypt the victim's files. This ransomware is not too advanced as it only looks for the process name and does not check for other information to confirm that the game is actually being played. That means you can simply run any executable called TslGame.exe and it will decrypt the files.