Ransomware Disguised as Mobile Version of Cyberpunk 2077
There is no mobile Cyberpunk 2077 game!
Despite the current state of Cyberpunk 2077, eager fans everywhere are still trying to get as much time with the game as they can. This presented the opportunity for some sneaky person/persons to take advantage of this by creating ransomware and disguising it as a mobile version of the game. According to Kaspersky's malware analyst, Tatyana Shishkova, a fraudulent website has been crafted to look like the Google Play Store and offers a mobile version of Cyberpunk 2077. But in actuality, this website has been tricking people into downloading and installing ransomware onto their mobile devices.
New Android #Ransomware disguised as #Cyberpunk2077 game.Downloaded from fake website imitating Google Play Store.Extension: .coderCryptFamily: CoderWare/BlackKingdom https://t.co/JBudDP6vG1 pic.twitter.com/TdM4SAkFWlDecember 16, 2020
This ransomware has been dubbed Coderware, and once it infects a mobile device, the contents are encrypted. The unwilling participants are notified that they have 10 hours to send $500 in bitcoins to the ransomware creator. Failing to do so will result in the encrypted file being permanently deleted; unless you have a backup that isn't infected.
Fortunately, not all is lost as it has been discovered that the ransomware attack uses the same variant as the BlackKingdom ransomware that was released in early 2020. This was pointed out by Tatyana Shishkova, who also provides a way to get around the ransomware. Unlike the BlackKingdom ransomware, the Coderware ransomware uses a hardcoded key, meaning that individuals can use a decryptor to gain access to the encrypted file without paying the hefty sum.
The decryptor is found inside of the source code, as seen in the example below.
Of course, the best way to protect your mobile device is to not download and install unofficial software to it. There is no mobile version of Cyberpunk 2077, nor has there been any announcement of one in development. The only place to play the title is PlayStation 4, PlayStation 5, Xbox One, Xbox Series X|S, PC, and Stadia.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Keith Mitchell is a Contributing Writer for Tom's Hardware US. He is an IT professional during the day, and a passionate lover of video games and tech after his 9-5 grind. He has a weird affinity for Soulsborne games and plays them non-stop.
iFixit now sells genuine Xbox replacement parts but at ridiculous prices — $599 for an Xbox Series X motherboard when a new console costs $499
Valve preps mysterious 'Fremont' SteamOS device powered by AMD Ryzen processor — potential Steam Box may sport a Hawk Point CPU with Zen 4 and RDNA 3 graphics
-
GenericUser alceryes said:Both Google and Apple need to police their 'stores' better.
It's not an entry on the actual Google Play store, it's a fraudulent website designed to look like it is.
According to Kaspersky's malware analyst, Tatyana Shishkova, a fraudulent website has been crafted to look like the Google Play Store and offers a mobile version of Cyberpunk 2077
-
alceryes
Ahhh, makes more sense but my statement still stands. ;)GenericUser said:It's not an entry on the actual Google Play store, it's a fraudulent website designed to look like it is.