This Ransomware Does Not Want Your Money: You Have to Score High in a Shooter Game to Have Your Files Back

Until now, you have probably heard numerous stories about mobile and PC users having to pay considerable amounts of money to decrypt data locked by ransomware. I was shocked when I heard about new ransomware strain that doesn't demand money.

A new virus called Rensenware compels victims to receive a very high score in a challenging and hard computer shooter game in order to get the decryption key.

Individuals whose computers got infected with Rensenware are shown the typical ransomware note that says: ''Your system have been encrypted by Rense'' The only option to destroy the malicious crypto trap, as stated in the note, is to: "Score 0 .2 billion in LUNATIC level on TH12 - Undefined Fantastic Object.”

That’s simpler to say than do as this YouTube video of the shooting hell kind of Japanese game shows.

As you could have suspected from the details above, the Rensenware virus was developed more for fun than for malicious purposes. After news about Rensenware virus appeared on Twitter, its author, whose handle is Tvple Eraser, and is presumably from Korea as he tweets a lot in Korean, published an apology for creating what he later realized was: "A kind of highly-fatal malware." 

He says: "I made it for joke, and just laughing with people who like Touhou Project Series."

He continues: "It didn't meant to be evil. Once again, I apology to everyone. I'm really sorry."

The apology is inserted in a Rensenware Forcer tool that Tvple Eraser has published to be able to modify the game's memory directly, avoiding the encryption process without the need to play and get the high score.

Although the original Rensenware source code has been removed from Github page by the author, a brand new but cut version has replaced it displaying the initial joke and having no hazardous encryption ability.

It appears Tvple Eraser never attempted to distribute Rensenware on other computers as all other ransomware creators do to gain profits. But the Internet is open and once you publish something is stays there forever, so the source code is still circulating and can be used my fraudster. Most probably it will be modified by other developers so not to be beaten by the

As in many cases of educational ransomware previously published on Github, we know that it can be pretty costly for end users who get infected. A lot of teenagers write malware for fun, some researchers write it as they think for educational purposes. All these activities case much damage. Hidden Tear project once published by Turkish researcher gave birth to hundreds of variants of non-educational by real ransomware strains.