Cyberpunk 2077 Android Ransomware

Posted: December 17, 2020

The Cyberpunk 2077 Android Ransomware is a file-locking Trojan and an Android port of CoderWare Ransomware. Like the first program, it blocks the user's files with secure encryption, creates ransom notes that ask for Bitcoins in exchange for recovery, and uses a Cyberpunk 2077 video game theme. For their safety, users should remove the Cyberpunk 2077 Android Ransomware with an Android-compatible security service and restore their files from a backup.

The New Hotness in Gaming Comes to Android – As a Tactic

The first version of the CoderWare Ransomware campaign got attention from malware researchers by capitalizing on video gaming news with a name that appeals to the CD Projekt game developer's fans. Interestingly, the Trojan's evolution is far from over. Another version – on a separate operating system – is out, with a Cyberpunk 2077 banner as part of its tactic.

The Cyberpunk 2077 Android Ransomware jumps from the original Windows OS to the Android platform, a typical smartphone environment. Its features seem entirely intact: malware analysts confirm that it uses the standard encryption routine to block the device's media files, which might include documents, music, or pictures. The Trojan appends a 'coderCrypt' extension to their names instead of its Windows ancestor's 'DEMON' tag.

The ransom note is familiar, but not a total duplication of the old CoderWare Ransomware one. It uses the same Bitcoin wallet for holding the victims' payments for an unlocker but only asks for half the usual sum: five hundred USD. It also retains the same Telegram contact name, which clarifies that the same threat actor is behind both versions of the Trojan.

A Brighter Future for Phones than a Trojan's Dystopia

The continuing 'disguise' of naming itself after a prominent gaming product offers hints about how the Trojan is likely to distribute itself in the wild. Users should always be cautious about 'too good to be true' downloads, such as suspicious mobile ports of AAA games and free versions of normally-premium products. Although the Cyberpunk 2077 Android Ransomware may add torrent networks to its infection vectors, its threat actor currently promotes the download on compromised websites whose designs imitate Google's Play Store.

Since there isn't free decryption or unlocking software for the Cyberpunk 2077 Android Ransomware or the CoderWare Ransomware, users have few recovery options on hand. In most attacks, victims without a backup have no other options for recovering their files besides paying Bitcoins to a criminal who might not respond with any help. Non-local backups on different devices or storage drives should suffice for most users' needs.

Malware researchers stress keeping security solutions updated so that they can detect and remove the Cyberpunk 2077 Android Ransomware accurately. This threat is still new, with many AV vendors failing to identify it as of the middle of December.

Trojans rarely change the entire operating system on a whim. As the exception to the rule for file-locker Trojans, the Cyberpunk 2077 Android Ransomware offers newfound dangers to phone owners who might be a little too used to downloading games without the same wariness as their PC-using counterparts.
