“Pokémon Go”: Ransomware disguises itself as Windows version




Great sense gives it at first glance not “Pokemon Go” is an augmented reality game that clamps intensive GPS and requires some legwork for gamers. How could such a gamble game accordingly in private on the PC? The developer of a new Hidden Tear ransomware however hope that there still are users, which outweighs the curiosity. Your Ransomware disguises itself as “Pokémon Go” for Windows and specifically targets users in the Arab world. When infecting these ransomware encrypts files on the hard disk and displays at the end of a ransom request to.

However, the makers of “Pokémon Go” -Ransomware have done something more trouble than many of their colleagues. Approximately adds this malware a back door into your own Windows account, the corresponding executable file can pass it on to other internal and external hard disks and tries to share them in the network. Here, this ransomware is currently still in development and could thus be increased by a further “features”. Remarkable is here now that the ransomware even after the payment of the respective ransom a back door would still open to access the files of the originally infected PCs.

ransom ware pokemongo

For the ransomware adds a user account named “Hack3r” to the Administrators group. The account is but hidden by manipulating the registry. The “Pokemon Go” -Ransomware also automatically copied to removable drives and will then start automatically when the infected drive is plugged in again. Currently sight the unknown maker of ransomware to the Arabic-speaking world, as well as the ransomware message shows. The developer in turn could come from France or a French speaking country, because there is an image with the name “Sans Titre” (unnamed) in the files.

Once again therefore appears that criminals would like to exploit the popularity of “Pokemon Go” for their own purposes. Let’s just hope that not too many people fall for it, that there might be a Windows version of the augmented reality game. Yet the ransomware is not already completed fortunately. But it should be given the already invested work probably only a matter of time.


In: A Technology & Gadgets Asked By: [22730 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »