TeslaCrypt: The Evolution That Everyone Missed
Unfortunately for those of us who aren’t hackers, ransomware is a booming business.
This dangerous, malicious type of hack attack encrypts a victim’s documents and other files (such as photographs) they may have stored on their hard drive, making those files inaccessible to their owner. The cybercriminals then demand a ransom, typically in the form of Bitcoins, in order to release the files back to their rightful owners.
Shortly after cybercriminals began launching ransomware attacks, they learned that operating this type of malware was turning out to be extremely lucrative. These days, it seems there’s a new type of ransomware almost every day.
CryptoLocker, TorrentLocker, Cryptowall, Breaking Bad-themed PolloCrypt… these are just some of the many types of ransomware that have been discovered to date. Recently, the security industry was abuzz with a new and especially malicious type of ransomware called TeslaCrypt. One of the characteristics that set TeslaCrypt apart from other types of ransomware is that it doesn’t only block users from accessing their documents and other files; it also encrypts the victim’s computer game files.
If you’ve been affected by the TeslaCrypt ransomware and are looking for the decryption tools, go here and look for the paragraph titled “The Talos TeslaCrypt Decryption Tool”.
Targeting gamers is a new and interesting evolution for ransomware. It gives cybercriminals a specific target of people who surely have valuable files saved on their computers. After all, aren’t save-game files gamers’ most prized possessions? The fact that some gamers spend hundreds of dollars on virtual goods makes this target even more lucrative.
It didn’t take long for the media and blogosphere to pick up on this interesting feature, discussing at length how “gamers are now being targeted” and almost completely ignoring the real evolutionary leap that TeslaCrypt has brought to the ransomware business and to cybercrime in general. TeslaCrypt didn’t just encrypt Call of Duty, Diablo or Assassin’s Creed save-game files. It also encrypted files of Unity3D, Unreal Engine and RPG Maker.
If you’re unfamiliar with these names, you’re probably unfamiliar with the process of developing video games. These programs are powerful engines and tools on which modern video games run. It’s not just gamers who are being targeted by TeslaCrypt, but also video game developers. In other words, it is the entire gaming industry that is being specifically targeted by this ransomware, and for game developers the impact of such an incident could be catastrophic. Modern video games can cost millions of dollars to develop, with innumerable work hours being poured into them by huge development teams. If one of these teams is hit by TeslaCrypt and unable to access their files, the financial damage could be huge.
Thankfully, Cisco’s Talos team has found a way to decrypt the encrypted files without paying the ransom the cybercriminals demand. But we’re still left wondering: Was TeslaCrypt’s experiment to target the video game industry successful? Is targeting specific industries, rather than individuals or organizations in general, the evolution of cybercrime?
Some organizations, such as government agencies, defense contractors and critical infrastructure, are already in the hot seat, being potentially targeted by rival states. But cybercriminals have traditionally focused on individuals and financial institutions for financial crime. Are we seeing that trend change now?
In a way, the video game industry is already a prime target for attack. Zealous fans may go out of their way to try and get their hands on projects under development, and those with hacking capabilities could be especially dangerous. In 2004, German hacker Axel Gembe hacked into the network of video game developer Valve and stole the source code for the much-anticipated game Half-Life 2, leaking an unfinished version to the world. This incident caused Valve financial damage and had a hugely demotivating impact on the development team. The story ended well for Valve: when it was finally released, Half-Life 2 became a critically acclaimed and financially successful game.
Now, it seems that the gaming industry has one more threat to worry about. But again the question is whether this threat will grow in numbers. Have you been a victim of ransomware?