Rensenware

Rensenware (stylized as rensenWare) is ransomware that infects Windows computers. It was created as a joke by Kangjun Heo (alias "0x00000FF") and first appeared in 2017. Rensenware is unusual as an example of ransomware in that it does not request the user pay the creator of the virus to decrypt their files, instead requiring the user to achieve a required number of points in the shoot 'em up video game ''Undefined Fantastic Object'' before any decryption can take place. The main window displays Minamitsu Murasa, a character from the game. Heo released a patch that neutralizes Rensenware after the malware gained attention.


Description

Rensenware was developed by Korean undergraduate student and programmer Kangjun Heo for Windows operating systems out of boredom as a joke within the ''Touhou Project'' fandom. When executed, the program scans and encrypts files on the computer ending in specific extensions using AES-256 and appends ".RENSENWARE" to the filename. The ransomware was first discovered by MalwareHunterTeam on April 6, 2017.
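The appended ".RENSENWARE" suffix gives responders a simple way to scope the damage on a disk. The following is an added triage example, not code from the article or from Heo's repository: it inventories files carrying the suffix and recovers each original name and extension; the function names and the sample directory tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

MARKER = ".RENSENWARE"  # suffix the article says is appended to encrypted files


def find_marked_files(root):
    """Return sorted (marked_path, original_name) pairs for files ending in MARKER."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            # Windows file names are case-insensitive, so compare upper-cased.
            # A file named exactly MARKER has no original name and is skipped.
            if name.upper().endswith(MARKER) and len(name) > len(MARKER):
                hits.append((Path(dirpath) / name, name[: -len(MARKER)]))
    return sorted(hits)


def summarize(hits):
    """Count affected files per original extension and per directory."""
    by_ext = Counter(Path(orig).suffix.lower() or "(none)" for _p, orig in hits)
    by_dir = Counter(str(p.parent) for p, _orig in hits)
    return by_ext, by_dir


def demo():
    """Run the inventory over a constructed sample tree (empty placeholder files)."""
    with tempfile.TemporaryDirectory() as root:
        sample = ["docs/report.docx.RENSENWARE", "docs/notes.txt.rensenware",
                  "docs/clean.txt", "pics/photo.jpg.RENSENWARE", "pics/.RENSENWARE"]
        for rel in sample:
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.touch()
        hits = find_marked_files(root)
        by_ext, by_dir = summarize(hits)
        originals = sorted(orig for _p, orig in hits)
        return originals, dict(by_ext), len(by_dir)


if __name__ == "__main__":
    names, ext_counts, dir_count = demo()
    print(f"{len(names)} marked files in {dir_count} directories: {ext_counts}")
```

The inventory only reads file names; it does not touch file contents, so it is safe to run against a forensic image or a mounted read-only copy.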


Payload

Once the files have been encrypted, a warning window depicting the character Minamitsu Murasa from the ''Touhou Project'' is displayed, which cannot be closed. The program requires the user to play the bullet hell video game ''Touhou Seirensen ~ Undefined Fantastic Object'', which is not included with the software, meaning they must download it on their own, and score at least 200 million points in the "Lunatic" level of difficulty before any decryption may take place (the program automatically detects the game's process "th12" and its accumulated points). The payload window advises the user not to kill the Rensenware main program until their files have successfully been decrypted, otherwise they will lose them permanently as the decryption keys are not locally stored.


Neutralisation tool

Heo accidentally infected himself while programming the software and found that he was unable to get the necessary score. He later released a piece of software, which sets the score in the game's memory directly and so satisfies the Rensenware requirements, onto GitHub with an apology. He also released a small part of the ransomware source code without the payload.

