Home Malware Programs Ransomware Cyberpunk 2077 Android Ransomware

Cyberpunk 2077 Android Ransomware

Posted: December 17, 2020

The Cyberpunk 2077 Android Ransomware is a file-locking Trojan and Android port of CoderWare Ransomware. Like the first program, it blocks the user's files with secure encryption, creates ransom notes for recovery that ask for Bitcoins and uses a Cyberpunk 2077 video game theme. Users should have an Android-compatible security service to remove the Cyberpunk 2077 Android Ransomware for their safety and restore files from a backup.

The New Hotness in Gaming Comes to Android – As a Tactic

The first version of the CoderWare Ransomware campaign got attention from malware researchers by capitalizing on video gaming news with a name that appeals to the CD Projekt game developer's fans. Interestingly, the Trojan's evolution is far from over. Another version – on a separate operating system – is out, with a Cyberpunk 2077 banner as part of its tactic.

The Cyberpunk 2077 Android Ransomware jumps from the original Windows OS to the Android platform, a typical smartphone environment. Its features seem intact entirely, as malware analysts confirm it is wielding the standard encryption routine feature for blocking the device's media files, which might include documents, music, or pictures. The Trojan adds a 'coderCrypt' extension on their names instead of its Windows ancestor's 'DEMON' tag.

The ransom note is familiar, but not a total duplication of the old CoderWare Ransomware one. It uses the same Bitcoin wallet for holding the victims' payments for an unlocker but only asks for half the usual sum: five hundred USD. It also retains the same Telegram contact name, which clarifies that the same threat actor is behind both versions of the Trojan.

A Brighter Future for Phones than a Trojan's Dystopia

The continuing 'disguise' of naming itself after a prominent gaming product offers hints about how the Trojan is likely to distribute itself in the wild. Users should always be cautious about 'too good to be true' downloads, such as suspicious mobile ports of AAA games and free versions of normally-premium products. Although the Cyberpunk 2077 Android Ransomware may recruit torrent networks into its infection vectors, its threat actor promotes the download on compromised websites with designs that imitate Google's Play Store currently.

Since there isn't free decryption or unlocking software for the Cyberpunk 2077 Android Ransomware or the CoderWare Ransomware, users have few recovery options on hand. In most attacks, victims without a backup have no other options for recovering their files besides paying Bitcoins to a criminal who might not respond with any help. Non-local backups on different devices or storage drives should suffice for most users' needs.

Malware researchers stress updating security solutions for detecting and removing the Cyberpunk 2077 Android Ransomware with optimal accuracy. This threat still is new, with many AV vendors failing to identify it as of the middle of December.

Trojans rarely change the entire operating system on a whim. As the exception to the rule for file-locker Trojans, the Cyberpunk 2077 Android Ransomware offers newfound dangers to phone owners who might be a little too used to downloading games without the same wariness as their PC-using counterparts.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Cyberpunk 2077 Android Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.