We’re sorry, your browser appears to be outdated.
To see the content of this webpage correctly, please update to the latest version or install a new browser for free, such as Avast Secure Browser or Google Chrome.

Not sure which solution is right for your business?
Case study

Rensenware (Touhou Ransomware)

Created as a joke by a Korean programmer and uploaded to the internet hosting site GitHub, Rensenware (also known as Touhou ransomware) caused significant disruption upon going viral. In this article, we explore how the ransomware was developed and what businesses can do to learn from these incidents to stay protected.

Protect your business against ransomware with Avast Small Business Cybersecurity Solutions.

What is rensenware? (Touhou Ransomware)

What is rensenware? (Touhou Ransomware)

Rensenware (also known as Touhou ransomware) is a type of ransomware originally created as a joke by a Korean programmer and uploaded to the GitHub community. Touhou ransomware is a type of malware that infects Windows computers and encrypts files.

Resenware is unique from other ransomware types, such as Ryuk or Sodinokibi, which call for victims to pay money to regain access to their files or systems. In order to successfully decrypt virus-locked files, the victim must download the 2009 anime Touhou bullet hell game "Touhou Seirensen - Undefined Fantastic Object" and score 200 million points on "Lunatic" mode.

Is Touhou a virus?

While the terms “malware” and “virus” are commonly used interchangeably, they are not the same. Ransomware is a type of malware that prevents users from accessing their systems unless a ransom payment is made, which can have a catastrophic impact on the victim.

Rensenware origins

Ransomware initially came onto the scene in the 1980s but the landscape has evolved significantly, with threats growing in size, variety, and scale.

Rensenware was developed as a joke by Korean college student Kangjun Heo, known then by his programmer alias, Tvple Eraser. He uploaded the anime-based ransomware to GitHub, where it was discovered and shared by Malware Hunter Team via Twitter on April 6, 2017.

Rensenware origins

How hard is it to achieve the score?

It is notoriously hard to reach the Touhou game score required for decryption. In fact, when the creator of rensenware ransomware accidentally infected his own device, he commented that even he could not achieve it.

Can I decrypt my data without playing?

If your device is infected with Touhou ransomware, you should not attempt to kill the malware program – doing so without achieving the 0.2 billion points required may mean that you lose your data permanently.

However, apologizing for his actions on GitHub, creator Typle Eraser released a cheat code that places a custom score in the game to unlock files and enable those to regain access to their folders. He shared this publicly to enable those who downloaded the original version to successfully decrypt and neutralize their devices.

What can businesses learn from Touhou ransomware?

What can businesses learn from Touhou ransomware?

While many ransomware attacks are highly calculated, such as the attacks across Baltimore and Atlanta, rensenware highlights that not all threats are targeted. Touhou ransomware was not aimed at businesses, but the chaos from a system becoming infected by the malware is enough to cause significant financial, operational and reputational damage.

Cyberattacks and data breaches, whether malicious or accidental, can occur at any time and affect businesses of all sizes. With this in mind, preventing the threat of ransomware to your business is vital.

You should use a range of cybersecurity measures to safeguard your business with multiple layers of protection. These measures should include:

Let Avast protect your business from ransomware attacks

Incorporating antivirus to prevent the threat of malware, phishing, ransomware, and advanced threats to your business in real-time, Avast Small Business Cybersecurity Solutions offer various levels of advanced security and privacy protection. Ensure your business remains protected, anywhere, anytime.

Close

Almost done!

Complete installation by clicking your downloaded file and following the instructions.

Initiating download...
Note: If your download did not start automatically, please click here.
Click this file to start installing Avast.