There’s a new ransomware looking to profit off of Cyberpunk 2077 fans
January 2021 by Tatyana Shishkova, security expert, Kaspersky
Cyberpunk 2077 was the most anticipated game of 2020, with a massive eight million copies sold before its official release. It’s not surprising then that cybercriminals would attempt to take advantage of its massive popularity to launch attacks.
Kaspersky researchers have now uncovered a website that purports to offer a beta mobile version of Cyberpunk 2077 for Android.
Please find more information below, along with a comment from Kaspersky security expert, Tatyana Shishkova.
There’s a new ransomware looking to profit off of Cyberpunk 2077 fans Cyberpunk 2077 was the most anticipated game of 2020, with a massive eight million copies sold before its official release. It’s not surprising then that cybercriminals would attempt to take advantage of its massive popularity to launch attacks. There have already been instances of scammers using the promise of “free downloads” to gather personal user data, and now there are others seeking to financially profit off the game—by spreading ransomware (malware that encrypts your files until a ransom is paid).
Kaspersky researchers have uncovered a website that purports to offer a beta mobile version of Cyberpunk 2077 for Android. The site is designed to look as if the download being offered is from the official Google Play Store (it is not)—complete with false information about the number of installs and fake user reviews.
Once users download the app, they receive a request for the application to access their files. If they accept this request, an unwelcome notification appears: their files have been encrypted, and they will only receive the key to decrypt them if they transfer $500 in bitcoin within 10 hours. If payment is not received, the criminals, who call themselves CoderWare, claim they will permanently delete the stolen files.
This is not the first time these criminals have attempted to exploit the launch of Cyberpunk 2077. In November of this year, they offered a fake version of the game designed for Windows to trick users into downloading ransomware. The criminals currently have about $8342.50 dollars in bitcoin in their wallets. “There’s good news in that the cybercriminals left the decryption key embedded in the Trojan’s body. That means that it’s possible to decrypt files without paying the ransom. But going forward, it’s important that all gamers take extra precaution about where they download games—especially if a beta version on a new platform is being offered. Games will always be a popular target for criminals,” comments Tatyana Shishkova, security expert at Kaspersky.
To keep yourself safe from such malicious downloads and ransomware, Kaspersky experts recommend:
• Always check application permissions to see what your installed apps are allowed to do, and be careful about what permissions you give.
• When looking for new apps, take the developers of those apps into account. Software from reputable developers is far less likely to contain infections.
• Only download apps from official marketplaces, like the Google Play and Apple store.
• Install a strong antivirus solution on your phone, likе Kaspersky Internet Security for Android.
• Read more about the tips we offer on Kaspersky Daily to further boost your levels of security.