This Fake Cyberpunk 2077 Mobile App Is Hiding Ransomware

This Fake Cyberpunk 2077 Mobile App Is Hiding Ransomware
Image: Kotaku Australia
To sign up for our daily newsletter covering the latest news, features and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Kotaku Australia homepage to visit whenever you need a news fix.

Cyberpunk 2077 is available on many platforms but that list doesn’t include mobile. Despite this, some users are attempting to fool players with a fake Cyberpunk 2077 mobile app that is hiding ransomware.

Kaspersky malware analyst, Tatyana Shishkova, has identified a fake website that mimics the Googe Play Store. The landing page shows a Cyberpunk 2077 Mobile app available for install.

The page looks pretty legit at face value, CD Projekt Red is listed as the developer and it has 300 5-star reviews.

Although there are a few dead giveaways that this is a fake. The app description is plagued with spelling and grammatical errors, plus the listing says players will be able to access multiplayer maps, which won’t be available in Cyberpunk until 2022.

Players will be prompted to allow the app to access their photos, media, and other files on their device. Once allowed the problems begin.

The malware, titled CoderWare, dictates that victims have 10 hours to transfer $500 in bitcoins to the designated address. If they fail to do so all the files on their device will be permanently deleted. The message also warns that if users delete the app it will be impossible to access their files.

Fortunately, Tatyana Shishkova also pointed out that there is a workaround. The CodeWare uses a hardcoded key, meaning players can use a decryptor to re-access their files without having to pay the ransom.

 

Most players know that Cyberpunk 2077 isn’t available on mobile. However, similar malware was discovered on a Windows edition of the game last month.

TechRadar reports that this ransomware also uses the CoderWare name but is actually a variant of BlackKingdom malware that was circulating earlier in the year. So far it is unclear if files that have been encrypted in this Windows scam can be decrypted without paying.

While most people are savvy enough to know a suspicious website when they see one, this is a good reminder to double-check the legitimacy of any sites before you download content from them.

Unless CD Projekt Red suddenly decides to drop Cyberpunk 2077 on mobile these are the only platforms the game is officially available on: Google Stadia, PC, PS4, PS5, Xbox Series X/S and Xbox One.

Comments

  • whats that saying about taking warning labels off of things and letting the problem solve itself? not sure how people manage to get through life with such little intelligence.

    • You’d have to be especially silly to do this, you’ve got to acknowledge a security notice when you you turn on the option to install apps from other sources.

Show more comments

Log in to comment on this story!