Beware of Encrypting Ransomware that Targets Games

quickhealMumbai, June 2, 2015: If you are a gaming freak, you may be used to paying for unlocking downloadable content in your favorite games. Just like irreplaceable photos, a game save, is the product of countless hours of gaming, and is extremely valuable and hard to replace. But what if your game saves were encrypted and held for ransom and you’re forced to pay to decrypt them? That’s exactly what the crypto-ransomware TeslaCrypt is doing.


Ransomware is a sophisticated malicious program that takes control of the infected computer or its data, and demands money (ransom) from its victim. With crypto-ransomware, hackers are attacking gaming consoles such as PS3s and Xbox.  


TeslaCrypt is a new crypto-ransomware that targets Windows users and encrypts video game related files. It targets over 50 file extensions related to single and multiplayer video games and even game development software. Unlike other ransomware that typically target images, documents, videos, and applications databases, TeslaCrypt also targets over 40 different video game related files belonging to games such as RPG Maker, Call of Duty, Dragon Age, StarCraft, MineCraft, World of Warcraft, World of Tanks, and Steam.


TeslaCrypt is distributed mainly via email attachments and malicious websites. It encrypts data files so they can no longer be opened. It then displays an application that contains instructions on how to get your files back. These instructions include a link to a Decryption Service site, which will inform you of the current ransom amount, the amount of files encrypted, and instructions on how to make your payment (approximately $400).  As per reports, between February and April 2015, attackers extorted approximately $76,522 from around 163 victims.


Once TeslaCrypt encrypts your files, there is no way that you can decode them without paying the ransom amount. But you don’t want to pay for something you already own, right?

Regular data backup is the only way you can recover from a ransomware attack. Offline backup is recommended because ransomware also targets files in external storage drives. Most importantly, install a comprehensive antivirus solution like Quick Heal that prevents ransomware infections with its real-time Email and Web Security feature that automatically blocks infected and malicious emails and websites. Quick Heal detects TeslaCrypt and proactively blocks the infection.


For more information and tips, check