PUBG Ransomware Forces Users to Play PUBG to Decrypt Their Files

Chino · Apr 17, 2018

MalwareHunterTeam recently discovered the PUBG ransomware that is currently floating around the internet. When executed, the pesky program would encrypt the files and folders that are located on the victim's desktop and add the ".PUBG" extension to them. While meant to be more of a joke than actual malware, the program demands that the victim play PUBG for an hour. Nevertheless, users can decrypt their files in two ways. They can introduce the "s2acxx56a2sae5fjh5k2gb5s2e" code into the program and proceed to restore their files or launch the PUBG executable for three seconds. MalwareHunterTeam noted that the program runs a background check for a "TslGame" process, and therefore users can rename any executable to TslGame.exe and trick the malware into thinking that the fake executable is the real deal.

View at TechPowerUp Main Site

peche · Apr 17, 2018

Chino said:
Want to play a cruel joke on your buddies? Send them a copy of the PUGB ransomware.

nice advise, indeed....!

eidairaman1 · Apr 17, 2018

Well that games ratings just went down the toilet

Supercrit · Apr 17, 2018

Make one which forces the user to answer physics or chemistry questions, that will make the world a better place.

the54thvoid · Apr 17, 2018

I don't generally do negative news comments but this was sent to me via a google feed last week. Even the source article is a week old. I think the news section ought to have 'news', not 'olds'.

Vayra86 · Apr 17, 2018

the54thvoid said:
I don't generally do negative news comments but this was sent to me via a google feed last week. Even the source article is a week old. I think the news section ought to have 'news', not 'olds'.

+1

dorsetknob · Apr 17, 2018

"Want to play a cruel joke on your buddies? Send them a copy of the PUBG ransomware."

How irresponsible of the OP to POST THIS
TPU Staff you can do better

Katanai · Apr 17, 2018

Chino said:
Want to play a cruel joke on your buddies? Send them a copy of the PUBG ransomware.

I cannot believe what TPU has become. Encrypting and decrypting all files on a computer is not a joke. A lot of things can go wrong and some of the files might become corrupted and unusable. Anyone who writes for TPU should know better than to advocate something like this...

BiggieShady · Apr 17, 2018

Have you noticed, guy names his own methods in Spanish

RutinaDeCifrado seems like DecypheringRoutine
BusarArchivos seems like ShearchArchives

Didn't bother to change his default class name Form1 to something meaningful though ... and he detects process only by name (edit: ah, it's what article is about)

qubit · Apr 17, 2018

This little "joke" is nastier than it first seems, as others have explained on here. I'll bet some malware programmer has already made a more damaging version of it, with real consequences.

"Want to play a cruel joke on your buddies? Send them a copy of the PUBG ransomware."

I don't think it's a good idea to give people ideas, either. There's nothing humorous about this malware.

BiggieShady · Apr 17, 2018

qubit said:
I don't think it's a good idea to give people ideas, either. There's nothing humorous about this malware.

I don't want to downplay seriousness of this, but as far as the damage goes, running an executable (as admin) you didn't acquire through official means, the possible damage can be even worse and just as easily as this

qubit · Apr 17, 2018

BiggieShady said:
I don't want to downplay seriousness of this, but as far as the damage goes, running an executable (as admin) you didn't acquire through official means, the possible damage can be even worse and just as easily as this

Yeah, good point. The more one thinks about it, the uglier it gets.

peche · Apr 17, 2018

dorsetknob said:
How irresponsible of the OP to POST THIS
TPU Staff you can do better

that was my sarcastic point, that should not be in news list, guest and people on internet have different interpretations for this..... just my two cents...

System Name	Athenna
Processor	intel i7 3770 Dellided
Motherboard	GIGABYTE GA-Z68X-UD3H-B3 Rev. 1.1
Cooling	Thermaltake Water 3.0 Pro + Tt Riing12 x2 / Tt ThunderBlade / Gelid Slim 120UV fans
Memory	16GB DRR3 Kingoston with Custom Tt spreaders + HyperX Fan
Video Card(s)	GeForce GTX 980 4GB Nvidia Sample
Storage	Crucial M4 SSD 64GB's / Seagate Barracuda 2TB / Seagate Barracuda 320GB's
Display(s)	22" LG FLATRON 1920 x 1280p
Case	Thermaltake Commander G42 Window
Audio Device(s)	On-board Dolby 5.1+ Kingston HyperX Cloud 1
Power Supply	Themaltake TR2 700W 80plus bronce & APC Pro backup 1000Va
Mouse	Tt eSports Level 10M Rev 1.0 Diamond Black & Tt Conkor "L" mouse pad
Keyboard	Tt eSports KNUCKER
Software	windows 10x64Pro
Benchmark Scores	well I've fried a 775' P4 12 years ago, that counts?

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

Processor	Ryzen 2700X
Motherboard	Asrock X470 Master sli/ac
Cooling	Raijintek Themis Evo
Memory	Team Dark Pro 3200 cl14
Video Card(s)	GTX 1080
Power Supply	Seasonic Focus Gold Plus 850W

Processor	Ryzen 7800X3D
Motherboard	MSI MAG Mortar B650 (wifi)
Cooling	be quiet! Dark Rock Pro 4
Memory	32GB Kingston Fury
Video Card(s)	Gainward RTX4070ti
Storage	Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s)	LG 32" 165Hz 1440p GSYNC
Case	Asus Prime AP201
Audio Device(s)	On Board
Power Supply	be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software	W10

Processor	7800X3D
Motherboard	MSI MAG Mortar b650m wifi
Cooling	Thermalright Peerless Assassin
Memory	32GB Corsair Vengeance 30CL6000
Video Card(s)	ASRock RX7900XT Phantom Gaming
Storage	Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s)	Gigabyte G34QWC (3440x1440)
Case	Lian Li A3 mATX White
Audio Device(s)	Harman Kardon AVR137 + 2.1
Power Supply	EVGA Supernova G2 750W
Mouse	Steelseries Aerox 5
Keyboard	Lenovo Thinkpad Trackpoint II
Software	W11 IoT Enterprise LTSC
Benchmark Scores	Over 9000

PUBG Ransomware Forces Users to Play PUBG to Decrypt Their Files

Chino

peche

Thermaltake fanboy

eidairaman1

The Exiled Airman

Supercrit

the54thvoid

Super Intoxicated Moderator

Vayra86

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"

Katanai

BiggieShady

qubit

Overclocked quantum bit

BiggieShady

qubit

Overclocked quantum bit

peche

Thermaltake fanboy

System Name	Windows 10 64-bit Core i7 6700
Processor	Intel Core i7 6700
Motherboard	Asus Z170M-PLUS
Cooling	Corsair AIO
Memory	2 x 8 GB Kingston DDR4 2666
Video Card(s)	Gigabyte NVIDIA GeForce GTX 1060 6GB
Storage	Western Digital Caviar Blue 1 TB, Seagate Baracuda 1 TB
Display(s)	Dell P2414H
Case	Corsair Carbide Air 540
Audio Device(s)	Realtek HD Audio
Power Supply	Corsair TX v2 650W
Mouse	Steelseries Sensei
Keyboard	CM Storm Quickfire Pro, Cherry MX Reds
Software	MS Windows 10 Pro 64-bit

System Name	Quantumville™
Processor	Intel Core i7-2700K @ 4GHz
Motherboard	Asus P8Z68-V PRO/GEN3
Cooling	Noctua NH-D14
Memory	16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s)	MSI RTX 2080 SUPER Gaming X Trio
Storage	Samsung 850 Pro 256GB \| WD Black 4TB \| WD Blue 6TB
Display(s)	ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) \| Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case	Cooler Master HAF 922
Audio Device(s)	Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply	Corsair AX1600i
Mouse	Microsoft Intellimouse Pro - Black Shadow
Keyboard	Yes
Software	Windows 10 Pro 64-bit