TeslaCrypt is Ransomware Targeting Gamers

Ransomware is a pretty powerful and concerning thing. It'southward affected entire Australian news stations, to the point that they had to go off of the air. But now some clever bad people are looking to target gamers specifically with a variant of Cryptolocker, chosen TeslaCrypt that looks for and encrypts games.

TeslaCrypt now targets gamers by searching for and encrypting game files and folders.

This little piece of malware really brings a new meaning to paying for downloadable content, specifically your own now encrypted games. It'southward existence distributed by a website that hosts a flash clip with an imbedded div tag.

TeslaCrypt itself takes reward of some previously known wink exploits, specifically CVE-2015-0311 and CVE-2013-2551, which is an Internet Explorer exploit. The malware is hosted on websites that are running WordPress, probable put there through the the use of the numerous WordPress plugin exploits that exists. The funny thing is that the URL itself keeps irresolute, then it seems to be hosted on an unknown number of websites.

The flash file based malware is a footling smarter than you'd think, information technology checks for virtual machines and a a number of anti-virus programs before it begins dropping its payload of TeslaCrypt.

When information technology is installed on your machine, it looks for 50 different file extensions that are normally associated with video games, also looking for the typical office documents in which to lock you out of. It specifically looks for a number of games in which to brand you lot cry.  A great deal of games are afflicted, which are listed below. When everything has been encrypted, with different AES keys of an unknown key length of each file, it sends information to its control and control server through the use of TOR to obfuscate its bodily location.

Afflicted games:

1. Single Player Games
   • Call of Duty
   • Star Craft 2
   • Diablo
   • Fallout 3
   • Minecraft
   • Half-Life ii
   • Dragon Historic period: Origins
   • The Elder Scrolls and specifically Skyrim related files
   • Star Wars: The Knights Of The Quondam Democracy
   • WarCraft 3
   • F.E.A.R
   • Saint Rows 2
   • Metro 2033
   • Assassinator's Creed
   • S.T.A.Fifty.K.E.R.
   • Resident Evil 4
   • Bioshock two
2. Online Games
   • World of Warcraft
   • Day Z
   • League of Legends
   • World of Tanks
   • Metin2
3. Visitor Specific Files
   • Various EA Sports games
   • Diverse Valve games
   • Various Bethesda games
4. Gaming Software
   • Steam
5. Game Development Software
   • RPG Maker
   • Unity3D
   • Unreal Engine

Vadim Kotov from Bromium labs was the one who institute this version of ransomware. He was surprised that information technology had evolved to the point that it targets a specific computer using demographic.

"Encrypting all these games demonstrates the evolution of crypto-ransomware every bit cybercriminal target new niches. Many young adults may non take any crucial documents or source lawmaking on their machine (even photographs are usually stored at Tumblr or Facebook), but surely near of them accept a Steam business relationship with a few games and an iTunes account full of music,"

At present ransomware is looking for games and is existence targeted at gamers themselves. This is certainly bad news for us all, though non necessarily for those that don't become nearly on fishy websites or clicking links that wait only a flake too suspicious. No details regarding the website to avoid were given, for skillful reason, but just be aware that some WordPress based websites are hosting Flash ads or clips that can very well provide the aforementioned TeslaCrypt.

Every bit always, browse smart and rubber!

Source: https://wccftech.com/teslacrypt-ransomware-targeting-gamers/

Posted by: lapanthour1943.blogspot.com

Share this post