Crypto-Stealing Ransomware “Syrk” Attacks Fortnite Users

A new piece of ransomware dubbed Syrk will encrypt files on your hard drive while erasing whole folders if the ransom isn’t paid. The malware is based on the open-source Hidden-Cry program, an encryptor that showed up online last December and has been the premise for numerous bits of malware over the past year.

Home to around 250 million players, Fortnite clients are the number one target for this kind of malware.

“Combining game malware with ransomware was inevitable,” said Vectra head of security analytics Chris Morales. “Social engineering through online video games has been going on for some time. It is a large audience to target and an industry that is known to look for shortcuts. Malware posing as a hack tool is novel as it will not be validated by any app store and bypasses the normal security controls. This makes encrypting files using a game hack highly opportunistic and easy to execute.”

According to the researchers, “The next step is it will set a timed procedure to try and delete the encrypted files in the directories listed below, deleting the files every two hours in the following order: %userprofile%\Pictures; %userprofile%\Desktop; and %userprofile%\Documents.”

Fortunately, the malware is based on a known attack vector and the computer program is simple to delude. Victims can effortlessly unlock their computers by trying to find some content records on their drives. These files contain the passwords used to close down the ransomware before it can erase your files, a decent feature that should halt many from having to shell out crypto for a clean computer.