Gamers targeted with new variant of CryptoLocker: TeslaCrypt Ransomware.

 

Gamers…this just in: You’re being targeted…this new CryptoLocker variant (only 8% of the code the same) encodes your gaming files and mods.

“This crypto-ransomware variant has been getting distributed from a compromised web site that was redirecting the visitors to the Angler exploit kit by using a Flash clip. Bromium Labs notified the owner of the web site, but they haven’t responded. At the time of writing this blog, the website was still serving malware. The web site is based on WordPress and could have been compromised by any one of the numerous WP exploits. Additionally, the URL where the malicious Flash file is hosted keeps changing.” Bromium Labs

Attackers used an unconventional way of redirecting the users. Instead of a typical iframe (or an iframe dynamically generated by JavaScript) they used a Flash clip wrapped in an invisible <div> tag.

“The list of games that are affected by the malware program includes Call of Duty, StarCraft, Diablo, Fallout, Minecraft, Assassin's Creed, Half Life 2, and Bioshock 2, among others. Digital game distribution platform Steam is allegedly targeted, as well as game development software such as RPG Maker, Unity3D, and Unreal Engine.” – Neowin

But there are more affected. To read more, go here: http://www.neowin.net/news/new-cryptolocker-variant-targets-gamers-encrypts-game-files

More detailed explanations are given here: http://labs.bromium.com/2015/03/12/achievement-locked-new-crypto-ransomware-pwns-video-gamers/

So, beware…

Sources:

http://labs.bromium.com/2015/03/12/achievement-locked-new-crypto-ransomware-pwns-video-gamers/

http://www.neowin.net/news/new-cryptolocker-variant-targets-gamers-encrypts-game-files
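
The redirect described in the post above (a Flash clip wrapped in an invisible `<div>`) can be checked for on a site's own pages. This is an added example, not code from the thread or from Bromium Labs; the hiding heuristics, the function and class names, and the sample markup are assumptions made here.

```python
import re
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "param", "source", "track", "wbr"}
FLASH_MIME = "application/x-shockwave-flash"
# Assumed heuristics for "invisible": the page does not say how the <div> was hidden.
HIDDEN_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(\.0+)?\s*(;|$)"
    r"|(?<![\w-])(width|height)\s*:\s*[01](px)?\s*(;|$)|(left|top)\s*:\s*-\d{3,}",
    re.I)

def is_flash(tag, attrs):
    url = (attrs.get("data") or attrs.get("src") or "").lower().split("?")[0]
    mime = (attrs.get("type") or "").lower()
    return tag in ("object", "embed") and (mime == FLASH_MIME or url.endswith(".swf"))

class HiddenFlashFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []      # (tag, hidden?) for every open element
        self.findings = []   # (line, flash tag, tag that hides it)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = "hidden" in attrs or bool(HIDDEN_CSS.search(attrs.get("style") or ""))
        if is_flash(tag, attrs):
            hider = tag if hidden else next((t for t, h in reversed(self.stack) if h), None)
            if hider:
                self.findings.append((self.getpos()[0], tag, hider))
        if tag not in VOID:  # void elements never contain children
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        opened = [t for t, _ in self.stack]
        if tag in opened:    # closing a tag also drops its unclosed children
            del self.stack[len(opened) - 1 - opened[::-1].index(tag):]

def find_hidden_flash(html):
    finder = HiddenFlashFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample markup with placeholder URLs, not taken from the real incident.
SAMPLE = """<div style="position:absolute; left:-5000px; width:1px; height:1px">
<object type="application/x-shockwave-flash" data="http://redirector.example/a.swf"></object>
</div>
<div class="player"><embed src="/media/intro.swf" width="640" height="360"></div>"""
```

`find_hidden_flash(SAMPLE)` reports only the `<object>` inside the off-screen `<div>`; the visible player embed is not flagged. Inline styles are the only hiding signal checked, so a container hidden through an external stylesheet or script would need a rendered-DOM check instead.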

Reply #1 Top

Update your Microsoft products and your Adobe products from the source page and you should be fine.
Very important: if you install Unreal Engine based demos, make sure you download them from a trustworthy source.
And of course keep your AV up to date as always.
Happy Gaming 

Reply #2 Top

Good thing I'm not a gamer. 

Reply #3 Top

Just another example of why one should just not run any Flash at all....

Reply #4 Top

Nexus site was (possibly) hacked a while back.  They encourage all users to reset their passwords to a new password. 

Reply #5 Top

Didn't hear anything about that.

Reply #6 Top

First posted 13th March 2015, reply 2 on 14th December 2015, internet lag? :grin:

Reply #7 Top

It was necrospammed. Uvah replied before it sank back where it came from.

Reply #8 Top

Oops!

Reply #9 Top

My bad. Saw the article at the Nexus site, thought it was new (was new to me - lol). Oops..

Reply #10 Top

It's a good idea, as far as your PC goes, to get Bitdefender Anti-Ransomware here: http://labs.bitdefender.com/2015/11/russian-hackers-are-behind-cryptowall-4-0-bitdefender-creates-vaccine/

Kaspersky CoinVaultDecryptor- http://www.majorgeeks.com/files/details/kaspersky_coinvaultdecryptor_tool.html

How to PDF file- https://noransom.kaspersky.com/static/CoinVault-decrypt-howto.pdf

Be Proactive!  :banhammer: