Email
Password
Remember meForgot password?
    Log in with Twitter

article imageNew Cryptolocker variant targets gamers by encrypting game files

By James Walker     Mar 14, 2015 in Technology
A new version of the Cryptolocker malware has found its way onto the Internet. Named TeslaCrypt, this time gamers are the target as files of several major games are encrypted and locked down with players held to ransom for their unlock.
Cryptolocker made headlines last year with its original method of attack. The premise was simple but lethal: once installed onto a computer, all of the users' files were encrypted with a secure private key and a large ransom was charged in Bitcoins or PayPal transfer. Once this was paid, the files would be unlocked again.
TeslaCrypt works in a very similar way but only impacts PC gamers. Once hijacked, the files for over 20 popular games are encrypted, rendering them unplayable. Then, just like Cryptolocker, payment is demanded from the user before the games are unlocked.
TeslaCrypt encrypts game files on infected systems  demanding a ransom for their release
TeslaCrypt encrypts game files on infected systems, demanding a ransom for their release
Bromium Labs
Affected games include Call of Duty, World of Warcraft, Diablo, StarCraft, Assassin's Creed, Minecraft, DayZ and many others. Even game distribution platform Steam and a couple of game development software packages including Unity3D and Unreal Engine are targeted.
In total, 185 file extensions are encrypted including game saves, maps, mods, replays and all other user content rendering reinstalling the game a futile effort as a player would still have lost all of their progress.
The ransomware is currently distributed by a compromised WordPress site which redirects users to an exploit kit via an embedded Flash file. The malicious program is then downloaded and the users' games locked.
Efforts are currently underway to decrypt locked files on compromised systems without paying the attackers the stated ransom. Gamers are advised to back up all of their save games onto multiple external drives so that their progress can be recovered if their systems are infected by TeslaCrypt.
More about Malware, Cryptolocker, Game, Gamer, Gamers