Ransomware attacks erupt via Cyberpunk 2077

Cyberpunk 2077 has been one of the most anticipated releases in gaming history. In development since 2012 and plagued by delays, the action role-playing game’s much-awaited release in December 2020 was an event in its own right. While the game itself received mixed reviews, cybercriminals also took advantage of the huge hype surrounding the game.

A few days after the launch of the game for Windows and other platforms, it was discovered that a “beta version” of the game, purportedly for Android, was being offered for free download on a shady website. That should have raised a red flag by itself—the game has only been released for the PlayStation 4, Stadia, Windows and Xbox One platforms with planned releases in 2021 for PlayStation 5 and Xbox Series X/S consoles.

Cybercriminals targeting gamers

There were several causes for suspicion already. Firstly, the game hadn’t been released for mobile platforms as yet so this was an obvious fake. Secondly, the game was being offered for free which was hardly realistic. And lastly, though the website which was offering the game said that the download was 3.4 GB, the actual file was only 30 MB!

By now, it was quite obvious that this was a fake, disguised to fool hardcore gamers into thinking it was authentic. The website itself looked like a Google Play page with a fake description claiming that the game had been “specially designed for mobile phones”. The page even had had an install counter which claimed the game had been downloaded more than 1,000 times with some fake reviews added in to fool people even further!

Ransom of USD 500 demanded to decrypt files

On downloading the file, the ransomware asks for access to files stored on the device, another red flag. On providing the required permissions, you get the final proof that this is not Cyberpunk 2077 but a typical ransomware application. A message pops up telling the user that they have been hit by CoderWare and their files have all been locked. The user is told to transfer USD 500 to a provided Bitcoin address within 24 hours and send the receipt to the email address to receive the decryption key. The note goes on to warn that if the payment is not made within 10 hours, their files will be permanently deleted.

Thankfully, investigations later revealed that the decryption key is stored within the malware and could be used to recover the files without paying the ransom. However, not everybody knew this and ended up paying in desperation to get their files back. This is not a good decision—there is no guarantee that the cybercriminals will give you back your files on receipt of your payment. They may even be encouraged by the initial payment and demand more money!

For avid gamers, there is one key takeaway: make sure you’re obtaining your games from authentic, official sources. Don’t get taken in by shady websites offering you a popular game for a discount or for free. At the same time, also ensure you have a powerful security solution on your mobile devices. Consider using Quick Heal Total Security for Android which comes with Browsing & Phishing Protection & On Install App Scan, ensuring instantaneous detection of threats.

Quickheal