Cybercriminals have been exploiting the popularity of Cyberpunk 2077 by launching a fake mobile app as if it were a version of the game, masquerading as ransomware/malware.

Despite Cyberpunk 2077 launch problems and which it continues to suffer from in many cases the game is still quite popular. For this reason, these types of people have taken the opportunity to launch a mobile game app that is not the game, since there is no version of the CD Projekt title for iOS and/or Android.

In the middle of last week, the Android malware analyst at Kaspersky, Tatyana Shishkova, discovered ransomware on Android of this app masked with the game. In fact, if it is installed and given permission, it infects the terminal and extorts the data stored in it unless it is paid X bitcoins in a certain time; this has been cataloged as Coderware so once infected the content is fully encrypted and it is futile to delete it.

However, this ransomware uses an encrypted key – “hardcoded key”, so it can be decrypted so you don’t have to pay any lawsuits. ” The RC4 algorithm with an encrypted key (example” 21983453453435435738912738921 “) is used for encryption. That means that if they encrypt them, you can decrypt them without paying anything “; those numbers are the source code.

As Shishkova points out, this attack uses a 2010 variant of BlackKingdom ransomware, already discovered in November as a Cyberpunk 2077 Windows installer. The variant on Windows was a compiled executable that encrypted the files and added the.DEMON extension to the names. This ransomware targeted large VPNs this year so you know what you’re going for.

However, as we mentioned, there is no such version of Cyberpunk 2077 for mobile phones so avoid downloading anything on your mobile that is not reliable or you are not sure about it; the same happens for the rest of the apps.

The best prevention is not to install unverified or third-party apps, so be careful about this issue and the most vulnerable people who may fall into these traps.

