Cyberpunk 2077 is a highly anticipated game release that attackers are taking advantage of. A researcher from Kaspersky discovered a new malware sample that is masquerading as an Android download of the game. The researcher, in a tweet, described the sample as a type of Coderware ransomware, specifically from the Black Kingdom family. The malware was being promoted on a website impersonating the Google Play mobile app marketplace as a free game download. The malicious version on the fake Play Store is named “Cyberpunk 2077 Mobile (Beta).” The attackers have added a sense of legitimacy by making false reviews for the download. If a victim clicks on the download and executes the binary, they will receive a message stating that they have been infected with CoderWare ransomware and that they need to pay $500 in Bitcoin for the decryption key. It was noted that the CoderWare ransomware uses a hardcoded key, which means that paying the ransom may not be necessary for the victim to recover their files.
Author: Kathy Jambor/Randy Pargman Tom Cruise made headlines recently, but not for a new Mission