Cyberpunk 2077 Android Ransomware
Cybercriminals appear to have wasted no time exploiting the record-setting launch of CD Project Red's Cyberpunk 2077 video game. One such attack campaign that uses Cyberpunk 2077's name as a hook to trick users is delivering an Android variant of the CoderWare Ransomware threat. Named Cyberpunk 2077 Android Ransomware by the infosec community, the threat is capable of leveraging uncrackable encryption algorithms to lock data on Android devices. Victims will then be extorted for money if they want to potentially restore their files by receiving the decryption key and tool from the hackers. So far, this Android ransomware threat is being spread through a specially crafted misleading site that is designed to imitate the official Google Play store interface closely. As for the ransomware threat itself, it masquerades as a mobile version of the Cyberpunk 2077 game. Users should keep in mind that no such mobile version exists and the claims made by the threat are false completely.
However, Android users who have fallen for the hackers' trap will have to deal with the severe consequences of a ransomware attack. Their data stored on the compromised device will be encrypted and each affected file will have '.coderCrypt' appended as a new extension to its original name. After the encryption process is completed, a ransom note will be displayed on the device's screen.
According to the instructions, victims of the threat have 10 hours to send $500 worth of bitcoins to the hackers. If they miss the deadline, the encrypted files will be rendered unsalvageable. Users have to send proof of completing the transaction before they receive the decryption software. Even then, they will are given 24 hours to decrypt their data, after which the files will supposedly be deleted.
The full set of commands delivered by the Cyberpunk 2077 Android Ransomware is:
'hey Down! Seems like you got hit by CoderWare !
warning: take a screenshot of this place. If you lose the information here, you'll never get to us. and it would be impossible to get your dosys
Don't Panic, you get have your files back!
CoderWare uses basic encryption script to lock your files. This type of is known as CRYPTO.
You'll need a decryption key in order to unlock your files.
Your files will be deleted when the timer runs out, so you better hurry.You have 10 hours to find your key
When you pay >>> 500$ <<< to the Bitcoin address below, you will need to send a single as proof to our e-mail address, and if the recipient is correct, your code to decrypt our files to your e-mail address. It will be sent back to you via e-mail.
But you have to be quick for that. Because you have 24 hours. If you do not pay within 10 hours, your files will be permanently deleted.
And it would be out of reach again. If you don't know how to get bitcoin.
hxxps://buy.moonpay.io
can quickly get your credit or debit card online from the website.
Please type the bitcoin address shown on the screen in the wallet field on the website. If you try to shut it down by force, you'll lose your files. because if you lose your bitcoin address,
you will not be able to pay. and you'll never get your files back.
If you delete the application, it will be impossible to access your files.
email: alrescodercry@protonmail.com
bitcoin Adress : 336Fvf8fRrpySwq8gsaWdf7gfuGm5FQi8K
telegram : @Codersan.'
