Gamers are being targeted by a very specific virus which will prevent you from playing your favourite games unless you pay what is essentially a ransom.
The new virus, once it has infected a machine, seeks out saved data files as well as play session and encrypts the data. By doing this the virus locks the players out of their own games unless the demands are met. In this case a key to unlock the encryption is only provided if the users are willing to pay somewhere in the region of £300 in bitcoins.
The virus thus far has been found in upwards of 40 games including: Call of Duty, World of Warcraft, Minecraft and World of Tanks.
This new virus seems on the surface to be similar to another piece of malware responsible for much gamer strife over the last few years; Cryptolocker ransomware. This particular virus has over the last few years ensnared thousands of people resulting in pay-outs being made to those have infected the computer with this specific piece of malware. Analysis of this new virus, Teslacrypt, however shows that it shares no coding with Cryptolocker and appears to be have been created by an entirely new cybercrime group.
Researcher Vadim Kotov from security firm Bromium said the file was catching people out via a website its creators had managed to compromise. The site involved is a WordPress blog that is inadvertently hosting a file that abuses a loophole in Flash to infect visitors. Once a computer has been infected the virus looks for any of 185 different file extensions. In particular, it seeks out files associated with popular video games and online services such as Steam that give people access to them.
Mr Kotov said of this new virus, “Interestingly, although these are all popular games, none of them matches any particular ‘Top Sellers’ or ‘Most Played’ chart”. In a move that appears odd Mr Kotov said, “They could just be games the developer loves to play.”
He was also able to confirm that the virus seeks our files containing gamers’ profiles, maps, saves and modified versions of games. He also offered a warning saying that just uninstalling any of the games which are infected may not result in the eradication of the virus. “Often it’s not possible to restore this kind of data even after re-installing a game via Steam,” he wrote.
Since the virus has not yet been cracked the only way to currently get back your files is either through paying the toll to the developers of this malware or if you had enough foresight restoring from backup files on your computer.
This is not the first nor will it be the last time that gamers are exploited but if for nothing else than to prevent yourself having to pay £300 backup your games as often as you can and hope you don’t have to pay the troll under the bridge.