Matrix Posted December 21, 2020 Share Posted December 21, 2020 TL;DR: Not for the first time, cybercriminals are exploiting the popularity of a video game by releasing a fake mobile version that's actually ransomware. On this occasion, the title in question is Cyberpunk 2077, but there's a way for victims to unlock their devices without paying. There is, of course, no mobile version of Cyberpunk 2077; the ambitious title struggles enough on the PS4 and Xbox One consoles, so an Android/iOS port would be a big ask. As noted by Tatyana Shishkova, an android malware analyst at Kaspersky, unscrupulous types are taking advantage of less knowledgeable users by creating a fake website designed to look like the Google Play Store, where unsuspecting visitors can download ‘Cyberpunk 2077 Mobile.’ Anyone whose common sense is blinded by the prospect of playing Cyberpunk on their phone is in for a nasty surprise. The file is actually ransomware called CoderWare, a variant of the BlackKingdom ransomware. As with other malware, it encrypts a device’s contents. Victims are given 10 hours to pay $500 worth of bitcoin before everything is deleted permanently. Shishkova notes that there is a way to decrypt the contents without paying the ransom; a move that doesn’t always guarantee you'll receive the decryption key. Thankfully, there is a hardcoded key in the CoderWare ransomware that allows a decryptor to recover the files. You can see the hardcoded key in the ransomware’s source code below. Malware posing as mobile versions of games isn’t something new. Last year saw a fake Apex Legends app that was an adware downloader. Its popularity was boosted by YouTube videos containing links to this fake mobile version. EA says Apex Legends is coming to mobile, but not until next year. The latest bit of bad news for the real Cyberpunk 2077 is that crafting too many items can corrupt your save files. Source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.