Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ransomware Asks For High Score Instead of Money (arstechnica.com)

Posted by BeauHD on from the do-you-want-to-play-a-game dept.

An anonymous reader quotes a report from Ars Technica: Rensenware" forces players to get a high score in a difficult PC shoot-em-up to decrypt their files. As Malware Hunter Team noted yesterday, users on systems infected with Rensenware are faced with the usual ransomware-style warning that "your precious data like documents, musics, pictures, and some kinda project files" have been "encrypted with highly strong encryption algorithm." The only way to break the encryption lock, according to the warning, is to "score 0.2 billion in LUNATIC level" on TH12 ~ Undefined Fantastic Object. That's easier said than done, as this gameplay video of the "bullet hell" style Japanese shooter shows. As you may have guessed from the specifics here, the Rensenware bug was created more in the spirit of fun than maliciousness. After Rensenware was publicized on Twitter, its creator, who goes by Tvple Eraser on Twitter and often posts in Korean, released an apology for releasing what he admitted was "a kind of highly-fatal malware." The apology is embedded in a Rensenware "forcer" tool that Tvple Eraser has released to manipulate the game's memory directly, getting around the malware's encryption without the need to play the game (assuming you have a copy installed, that is). While the original Rensenware source code has been taken down from the creator's Github page, a new "cut" version has taken its place, showing off the original joke without any actually malicious forced encryption.

36 comments

  1. Nope by Anonymous Coward · · Score: 0

    That's not ransomware, that's justiceware.
    Everyone in the world should be forced to play touhou.
    The weeaboo virus shall spread, and world peace will ensue.
    2hu WILL RULE THE WORLD

  2. Doesn't matter.... by DewDude · · Score: 0

    Someone has likely mirrored the original code. It will likely wind up used in other tools. This person needs to be in jail.

    1. Re:Doesn't matter.... by lucasnate1 · · Score: 1

      Do you also think that if someone designs a new gun he should be in jail? If not I would be glad to know why this is different.

      --
      Avantgarde Hebrew science fiction
    2. Re:Doesn't matter.... by Gravis+Zero · · Score: 1

      Someone has likely mirrored the original code. It will likely wind up used in other tools. This person needs to be in jail.

      Ransomware doesn't occur in a vacuum but rather it's a simple application that uses many different libraries. Anyone with half a brain can make it, so what does it matter if someone mirrors the code?

      I think more effort should be put into protecting data from accidental or malicious destruction by an application rather than trying to force the world to conform any particular set of laws. Seriously, it wouldn't take many changes to prevent this kind of shit from happening.

      --
      Anons need not reply. Questions end with a question mark.
    3. Re:Doesn't matter.... by Anonymous Coward · · Score: 0

      I think more effort should be put into protecting data from accidental or malicious destruction

      Operating systems already provide all the tools needed to do that. People simply do not use those tools.

    4. Re:Doesn't matter.... by Highdude702 · · Score: 1

      THIS! See this is why i like your comments. you normally dont feed into the bullshit and you have a solid head on your shoulders. Why punish the people pointing out how fucking stupid you are, when you can just learn how to avoid it completely. people with no idea on how the internet works, Im looking at you Billy Gates.... adopt all this new fangled IoT crap thats insecure against viruses(what we will call it) as a sheep skin condom. yet want to jail the people telling them that that condom only protects against pregnancy and not HiV. its ludicrous! Atleast go after the maufacturers that are just trying to peel the dollars out of your pocket and give no fucks about what happens on your network.

    5. Re:Doesn't matter.... by Highdude702 · · Score: 1

      Not all operating systems do. And the tools that most OS's provide(windows mainly) are filled full of more holes than the item that will let the intruders in. Its like when people buy a .99 cent store pad lock and wonder how their dog broke into the treat box it was on. When you can chew thru a lock its not secure.

    6. Re: Doesn't matter.... by Anonymous Coward · · Score: 0

      It's totally easy to tell what is a wanted command and what is not. We should just have a UAC for every op code that runs through the processor . With a captcha of course to make sure it's not a bot or malicious program. And it should be 2fa for every call. And encrypted. Cloud based. And there should be an AI. and it should be privacy.

    7. Re: Doesn't matter.... by Anonymous Coward · · Score: 0

      Gotta arrest the car makers too. They kill thousands a year. ...ffs

    8. Re: Doesn't matter.... by Anonymous Coward · · Score: 0

      Remember when old computers used to have read and write lights on the hdd?

      I've saved a fee virus infections by watching these and yanking the power cord out

    9. Re:Doesn't matter.... by Anonymous Coward · · Score: 0

      A gun can be used for self defense. This can't.

    10. Re:Doesn't matter.... by Anonymous Coward · · Score: 0

      ???
      someone threatens to kill you
      you ransomware his files

      not exactly a civil way of solving a problem but if you shot them in the face that doesn't seem any more civil either, but you'll accept the second as self-defense

    11. Re:Doesn't matter.... by Anonymous Coward · · Score: 0

      Ok. So you're in a dark alley and someone pulls a gun on you. You ransomware his files. That's perfectly equivalent and realistic.

      Another practical example: A random person is forced to defend themselves. Can they pull a trigger? Yes. Can 99.9% of people ransomware someone's files? No. Two people with guns are a much more close-to-level playing field than two people with code for ransomware.
       
        This coming from a gun control supporter. The two are just totally inequivalent.

    12. Re:Doesn't matter.... by lucasnate1 · · Score: 0

      Actually, I agree that they are not completely equivalent. Guns kill much more people than ransomware.

      --
      Avantgarde Hebrew science fiction
    13. Re:Doesn't matter.... by Gravis+Zero · · Score: 1

      you have a solid head on your shoulders.

      Don't tell anyone but it's only the outside that's solid because the inside is squishy. ;)

      --
      Anons need not reply. Questions end with a question mark.
    14. Re:Doesn't matter.... by Highdude702 · · Score: 1

      Better than empty!

  3. Always trust Centauri. by freeze128 · · Score: 4, Funny

    This sounds like like a recruitment tool for the Star League to defend The Frontier against Xur and the Kodan armada.

    1. Re:Always trust Centauri. by Anonymous Coward · · Score: 0

      Mmmmm, Cray X-MP.

      https://en.wikipedia.org/wiki/Cray_X-MP#Usage

    2. Re:Always trust Centauri. by AbRASiON · · Score: 2

      Just a note on this post:

      I re-watched that film only 6 months ago and besides some weak CGI man does it REALLY hold up. It's nice to see a film that's more than just action scenes, flashy CGI and generally poorly written characters and script.

      If you're thinking of re-watching the movie and concerned it'll be dated trash. Don't, much like WarGames it very very much holds up, recommended.

    3. Re:Always trust Centauri. by tlhIngan · · Score: 1

      besides some weak CGI

      You have to remember TLS was (along with Tron) the pioneers of CGI - and that computers in the 80s were kinda weak. That said, they did render TLS on a Cray X-MP, the worlds fastest computer back in 1983 running at a blistering 115MHz with around 16MB of RAM. (Though you could get large storage arrays, even 1GB SSDs). Even then at 250k polygons it still was a challenge for the machine. Plus the technology had to be invented - unlike today where you can go out and download yourself a high quality renderer (RenderMan free) as well as get access to high quality tools, back then all had to be created, on production timelines.

      Plus, I don't believe texturing was available back then - everything CGI was simply shaded...

  4. Next up by Anonymous Coward · · Score: 0

    "Saw" was a documentary. cut your arm off with a hacksaw before your files are all deleted.

  5. Bad implementation by Anonymous Coward · · Score: 0

    This would have been a lot better if it did the same thing but required you to get to level 4 in Battletoads. Then the person would still be annoyed but at least they'd walk away with a sense of accomplishment.

    1. Re: Bad implementation by Anonymous Coward · · Score: 0

      Touhou 12 on Lunatic is much harder than Battletoads.

  6. perfect time to work in IT by Anonymous Coward · · Score: 0

    adapt it to starcraft, call od duty, madden etc.."umm sir, i can get the hospital medical records unlocked...im gonna need pizza, doritos, and rc cola...hang a bag of mountain dew just in case..ill also need to run a drop in the boardroom for that 72 inch oled..hold my calls."

  7. Neat by ArylAkamov · · Score: 2

    This is my kind of high stakes gameplay. Challenge accepted.

  8. let's play global thermonuclear war by Joe_Dragon · · Score: 1

    To get your files back you need to nuke North Korea with less then 500 us troops loss

  9. Undefined Fantastic Object at line 322 by bandwidthcrisis · · Score: 2

    That game name could easily be an error code from Java or maybe C#.

  10. How long until by XparXnoiaX · · Score: 1

    How long will it take until manufacturers take security seriously?

    --
    Irresponsible disclosure is responsible
    1. Re:How long until by HiThere · · Score: 1

      Until the manufacturers bear liability for the problems they enable.

      The problem with that is, unless they also get the benefit of the benefits then enable, then they'll just stop selling things. Whoops! (For some of these manufactures I'd count that a win, e.g. MS, but mine is not the majority opinion.)

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    2. Re:How long until by bluescrn · · Score: 3, Insightful

      Manufacturers are taking it more seriously. But for consumers, it comes with a very high price.

      There's some increasingly secure platforms out there (iOS, UWP, games consoles), where code is signed and runs in a sandboxed environment. But you can't run your own code on them, unless it's been approved, censored, and taxed by a monopolistic App Store.

    3. Re:How long until by drinkypoo · · Score: 1

      What if you just made them liable for the problems they enable up to the cost of the OS? If everyone asks for a refund, just processing all the refunds will put them out of business, let alone actually paying them.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:How long until by XparXnoiaX · · Score: 1

      There are manufacturers still leaving telnet ports open. It's not secure, and iOS is not secure.

      --
      Irresponsible disclosure is responsible
  11. Interesting by ZeRu · · Score: 1

    Just pay someone who plays games a lot to reach the score for you. Basement nerds, this is your five minutes of fortune!

    --
    If you post as an AC, don't expect me to spend a mod point on you.
  12. typical scenario by Anonymous Coward · · Score: 0

    Boss: What the fuck are you doing?? The entire system's down, we need to get our files back!
    Hapless IT Employee: I'm WORKING ON IT

  13. DRM by Anonymous Coward · · Score: 0

    That's taking DRM to the extreme. "We won't encrypt just our game. We'll encrypt your entire computer"

  14. Touhou Hijack LOL by Anonymous Coward · · Score: 0

    See title.