A tricky computer virus has been discovered that holds people’s video games to ransom in exchange for extortionate amounts of money. The virus is a variant of the crypto-ransomware TeslaCrypt, which notoriously holds people’s computers to ransom for massive amounts of money by locking them out of their programs.
Files with extensions associated with games, including Steam files and even developer tools, are disabled by the malware, which attempts to extort cold hard cash from users in order to lift the lockout. A cryptographic key is generated and will only be released to the victim if the money is paid. After a while, the key will be destroyed if no payment is made.
Obviously the program can be blocked by antivirus software. At the moment it can only be picked up by visiting a certain WordPress blog that shows a specific banner ad leading to the Angler exploit kit. Only users of the Opera browser and Internet Explorer up to IE 11 are affected.
Once you get the malware, there’s not a lot you can do except attempt to reformat your hard drive and start again. For gamers, of course, this means a loss of save files, and a reformat in general will mean all of your files are gone. In some cases, though, your game information is uploaded to the internet, as with Steam, so that might mean you’re safe.
Ransomware, as it’s called, has been around for a while. Earlier versions of such programs often tricked users into thinking their computers contained illegal pornography or other scandalous content. We encountered one once that could easily be worked around using shortcuts within Windows, and managed to remove it.
A little trick you can do is hit the print button, or attempt to save an image file to a location, or use any function that opens a Windows Explorer dialog window. Once that’s open, you can then re-access your desktop, using the temporary Explorer window to access and open files.
However, this ‘encryption’ and ‘private key’ business makes this particular ransomware more difficult to remove. Being locked out of your files is obviously a nightmare, and you genuinely won’t be able to access them without that key. Once you’re hit there isn’t really another solution, so it’s good that Bromium, a security company, managed to identify this malware.
For a complete list of programs affected, and a more in-depth analysis (with jargon) from the experts, check out the link to Bromium below. In the meantime, stay on the safe side of the internet, think before downloading files, and remember to work safely and be smart online.
More Information @ Bromium