Virus Type: ransomware
When detected in February 2015, the new ransomware Trojan gained immediate notoriety as a menace to computer gamers. Amongst other types of target files, it tries to infect typical gaming files: game saves, user profiles, recoded replays etc. That said, TeslaCrypt does not encrypt files that are larger than 268 MB. Recently, Kaspersky Lab has detected curious behaviour in a new threat from the TeslaCrypt ransomware encryptor family. In version 2.0 of the Trojan notorious for infecting computer gamers, it displays an HTML page in the web browser which is an exact copy of CryptoWall 3.0, another notorious ransomware program. After a successful infection, the malicious program demands a $500 ransom for the decryption key; if the victim delays, the ransom doubles.
The Trojan notorious for infecting computer gamers. Most TeslaCrypt infections occur in the USA, Germany and Spain; followed by Italy, France and United Kingdom.
You are potentially at risk if you play computer games.
TeslaCrypt will encrypt files and ask for ransom ($500). Amongst other types of target files, it tries to infect typical gaming files: game saves, user profiles, recoded replays etc.
Kaspersky Lab’s products detect this malicious program as Trojan-Ransom.Win32.Bitman.tk and successfully protect users against this threat. In addition, a Cryptomalware Countermeasure Subsystem is implemented in Kaspersky Lab’s solutions. This registers activity when suspicious applications attempt to open a user’s personal files and immediately makes local protected backup copies of them. If the application is then judged to be malicious, it automatically rollbacks unsolicited changes by replacing those files with copies. In this way, users are protected from yet unknown cryptomalware.