Earlier this week, reported on how the Bitcoin ransomware CryptoLocker infected over 200 computers at the Free University of Amsterdam. By the look of things, the CryptoLocker ransomware is targeting a different audience this time around, by directly going after video gamers and reviewers. No one is safe from CryptoLocker these days it seems.
Mainstream Games Affected
Original reports state that over 20 [popular] video games can be affected by the Cryptolocker ransomware, but truth be told, the list is far longer than that. Seeing as how most video games use the same type of data file extensions, more and more well-known titles are being affected by this new version of the CryptoLocker ransomware.
Popular games include but are not limited to: Minecraft, Half-Life 2, The Elder Scrolls V: Skyrim, Assassin’s Creed, and Metro 2033. However, multiplayer games such as World of Warcraft, Day Z, League of Legends and World of Tanks are also targeted by the ransomware. More importantly, Steam – one of the world’s most popular gaming library platforms – has been reported to suffer from these attacks as well.
And the bad news doesn’t stop there unfortunately. Video game developers will also feel the wrath of this new CryptoLocker ransomware version, as game development software is vulnerable as well. RPG Maker, Unity 3D and Unreal Engine are some of the examples which have been verified to be subject to infection by CryptoLocker.
Same Modus Operandi As Before
Even though this is a new version of CryptoLocker [or so it appears to be anyway] the modus operandi of this ransomware remains the same. Important files are encrypted, the user gets a warning about being infected with CryptoLocker and the fact they have to pay up in order to have their files decrypted again. Payment can be done with Bitcoin and credit card, and the payment procedure itself is operating through a website located in the TOR domain.
According to a report by Bromium Labs, every instance of the CryptoLocker ransomware generates its very own Bitcoin wallet address. Besides encrypting and decrypting files on a host’s computer, the CryptoLocker ransomware also generates its own Bitcoin address once a computer has been infected.
With 185 file extensions proven to be vulnerable to the new CryptoLocker ransomware, it is expected that many individuals and companies will be affected down the line. Needless to say, the fact that Bitcoin is somehow tied to restoring your files will not instill any confidence in the disruptive digital currency.