PUBG Ransomware makes you play PUBG to decrypt hostaged files

By JC Torres/April 11, 2018 5:01 am EST

Everyone wants to ride the PUBG train. Short for PlayerUnknown's Battleground, the battle royale game is like that popular kid in school that everyone wants to be or, at the very least, be with. That seems to be true even for malware. A new type of ransomware has popped up blatantly calling itself PUBG Ransomware. Although it does hold your files hostage by encrypting them, it does also provide the key to restore them. Or you can just play PUBG for one hour.

Proof of concept or facepalm-worthy joke, you decide. The PUBG Ransomware, at least for now, it pretty harmless. It's like a newbie crook who steals jewelry but leaves a calling card with the address to his or her hideout. In fact, this thief will only do its dirty deed if you invite it.

PUBG Ransomware, of course, has to be run one way or another. When it does, it will encrypt files and folders on the user's desktop. To really make sure you know it's related to PUBG, it uses a ".pubg" filename extension for those encrypted files. And, conscientious criminal that it is, the ransomware provides a very helpful message in case you want to rescue your files.

"PUBG Ransomware

Your files, images, musics, documents are Encrypted!

Your files is encrypted by PUBG Ransomware!

but don't worry! It is not hard to unlock it.

I don't want money!

Just play PUBG 1Hours!

Or Restore is [ s2acxx56a2sae5fjh5k2gb5s2e ]"

So, yes, you can type in that code or, better yet, play PUBG! Rescue your files while playing a game? What can be better than that? OK, maybe you don't really want to play PUBG for one hour, and the ransomware understands that too. Actually you only need to run the TslGame.exe program, PUBG's program, for only 3 seconds before the ransomware starts decrypting files in mercy. Correction, you just need to run a TslGame.exe program, that is, any program that's named TslGame.exe.

Free publicity it is not, since PUGB probably wouldn't want to be associated with any malware, hoax or otherwise. There's also the risk of people taking anything called "PUBG Ransomware" lightly, only to be sucker punched later by the real deal.

VIA: Bleeping Computer