Ransomware usually infects people’s computers, encrypts their files and then demands a ransom payment (though even if you pay several hundred dollars online via Bitcoin, the hackers behind the virus aren’t guaranteed to send you a real key to unlock your files). A new kind of this malware does something completely different: it makes you get a high score in a game.
According to Ars Technica, ‘Rensenware’, as this virus has been nicknamed, locks away users’ files and compels them to play Touhou Seirensen – Undefined Fantastic Object, a bullet-hell scrolling shooter with an anime theme. If you get a score of over 200 million points on the ‘Lunatic’ level, you will get your files back. It’s obviously an insanely difficult level and a gigantic score to achieve, a daunting task, especially for non-gamers. It would probably be easier for an average user just to pay money.
Rensenware hijacks machines in a hilarious way. If you fall victim to the ransomware, a red window shows up on your PC or phone. It contains a huge chunk of text on the right and the portrait of an anime character on the left. The message reads: ‘Minamitsu “The Captain” Murasa has encrypted your precious data like documents, music, photos and some kinda project files and can’t be recovered without this application since it is encrypted with ‘highly strong’ encryption algorithm.’
The message also describes the actions needed to recover the files and warns that you shouldn’t cheat. It has a status portion that displays the victim’s score. The virus checks the memory to make sure that the required level and score have been achieved.
According to Kotaku’s report, this ransomware was created not for malicious purposes but as a prank by a Korean student (whose Twitter name is Tvple Eraser), just out of boredom. He dropped the joke virus on GitHub, went to bed, and when he woke up, he found that his creation had spread and compromised many PCs and phones. He even managed to infect his own PC.
Tvple Eraser posted an apology acknowledging that he unintentionally ‘released a kind of highly fatal malware’. He admitted that he should’ve deleted the encryption/decryption logic before he distributed the code, but he didn’t do that. Since he felt very guilty about the whole incident, he removed Rensenware’s source code from GitHub, developed a neutralizer for Rensenware and put an executable file and its source code on GitHub. This neutralizer is a forcer that directly manipulates the game’s memory and lets victims get around the virus’ encryption without playing the game. Now everyone unlucky enough to suffer from this can cure their PC.
But just because the code has been deleted from GitHub, it does not automatically mean that it has disappeared from the Net. We remind Internet users to be very cautious about the games and programs they download and install.