Because of the growing number of multiplayer online games, malicious hacks and attacks are now targeting players who are becoming more and more dependent on the Internet. One of the most infamous hacks is a ransomware, a malware that restricts access to a game player's system or saved game data. The perpetrator then solicits money or some other form of payment, thereby holding the player at bay until the latter pays a ransom to gain back access.
Now, a similar attack is targeting online players, particularly those who are gamers for popular titles like "Call of Duty," "Minecraft," "Fallout 3," and "World of Warcraft."
Called Teslacrypt, this ransomware encrypts the player's files, including game save data, to stop the user from playing the game. In order to unlock the files, victims will have to pay from $500 up to $1000 Bitcoins. Players would be having a hard time dealing with the ransomware, since re-installing the game via Steam won't unlock the hostaged files.
Analyzed by Bromium Labs, Teslacrypt is found out to be not as powerful as the infamous Cryptolocker, although still as problematic. Once the data is encrypted, the malware displays a message with a countdown timer and instructions on how to get back game access. The ransomware uses Tor to communicate with the player, and hands out a domain where the ransom can be paid.
According to Vadim Kotov of Bromium Labs, the malware infects the machine itself and looks for 185 different file extensions, looking for data associated with video games and online services such as Steam.
"Interestingly, although these are all popular games, none of them matches any particular 'Top Sellers' or 'Most Played' chart and could just be games the developer loves to play," Mr. Kotov wrote in the company's website.
Developers and white hats are still having a hard time combating this malware, since the encryption method has yet to be hacked.
