Reportedly, many cybercriminals from Chaos ransomware have been targeting players from a very popular game, Minecraft to infect the gamers.
Researchers from FortiGuard labs through their continuous research have found out spotted targeted attacks on Japanese gamers’ devices that got attacked.
According to sources, the attackers were using Chaos ransomware so to encrypt the gaming files that might also destroy the files. Chaos also has a wiper malware function which is considered even more harmful. After hitting the target, the ransomware group, Chaos asked for 2,000 yen ($17.56) worth of Bitcoin or prepaid cards.
The attackers, to infect gamers, were promoting fake Minecraft alt aka alternative accounts lists on the gaming forum, making the gamers download and execute the malicious files. The file uses a text icon to fool potential victims that it has a list of alternative accounts for this game, which is considered precious information for the players.
When the gamers opened and executed the file, it lead to malware execution. According to the reports of Cyware, the malware searches for the files smaller than 2,117,152 bytes, tries to encrypt them, and adds four random characters to smaller files, which are chosen from ‘abcdefghijklmnopqrstuvwxyz1234567890.’
Also, files (with certain specific extensions) that are larger than 2,117,152 bytes are filled with random bytes, making them unusable even if the ransom is paid.
Chaos ransomware has the ability to destroy the data and make the victim pay serious amounts of ransom. Users are advised to use and play the game cautiously.