Creator apologizes for a “joke” that really requires expert play to unlock files.
At this point, Ars readers have heard countless tales of computer users being forced to pay significant sums to unlock files encrypted with malicious ransomware. So we were a bit surprised when word started to trickle out about a new bit of ransomware that doesn’t ask for money. Instead, “Rensenware” forces players to get a high score in a difficult PC shoot-em-up to decrypt their files.
As Malware Hunter Team noted yesterday, users on systems infected with Rensenware are faced with the usual ransomware-style warning that “your precious data like documents, musics, pictures, and some kinda project files” have been “encrypted with highly strong encryption algorithm.” The only way to break the encryption lock, according to the warning, is to “score 0.2 billion in LUNATIC level” on TH12 ~ Undefined Fantastic Object. That’s easier said than done, as this gameplay video of the “bullet hell” style Japanese shooter shows.
As you may have guessed from the specifics here, the Rensenware bug was created more in the spirit of fun than maliciousness. After Rensenware was publicized on Twitter, its creator, who goes by Tvple Eraser on Twitter and often posts in Korean, released an apology for releasing what he admitted was “a kind of highly-fatal malware.”
“I made it for joke, and just laughing with people who like Touhou Project Series,” Tvple eraser writes. “So I distributed source code except compiled binary on the web. However, at the point of the distribution, the tragedy was beginning.
“A number of people blamed me. It’s natural. because I made accident definitely wrong,” he continues. “I’m not sure this apology is enough to you. If not, then I apologize again… It didn’t meant to be evil. I hope you understand of it. [sic]”
The apology is embedded in a Rensenware “forcer” tool that Tvple Eraser has released to manipulate the game’s memory directly, getting around the malware’s encryption without the need to play the game (assuming you have a copy installed, that is). While the original Rensenware source code has been taken down from the creator’s Github page, a new “cut” version has taken its place, showing off the original joke without any actually malicious forced encryption.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.