Hackers have begun distributing Android ransomware disguised as copies of the popular multiplayer online battle game King of Glory, which has millions of users, security researchers have warned.
The malware has prompted “emergency” warnings to be posted on gaming forums and websites in China, security firm Sophos said in an advisory.
“This ransomware was spread via internet gaming forums and downloaded and installed by unsuspecting gamers,” Sophos said in the advisory, without estimating the number who might have been affected.
After installation the malware hides its initial icon and displays one with the title “Lycorisradiata”, referring to the red spider lily.
It changes the home screen to one with a pink background and a cartoon bear and bearing a long string of alphanumeric characters that Sophos said may be an ID related to the malware author.
It encrypts the files on the device and renames them with long and unreadable file extensions, but avoids encrypting system files, so that the device can be used to pay a ransom.
It then displays a ransomware message imitating the one used by the WannaCry malware that caused widespread disruption last month, and prompts the user to make a payment of 20 RMB (£2) using the China-based Wechat, Alipay or QQ payment systems.
“We don’t know why the criminals behind this software copied WannaCry’s interface – perhaps they were just lazy, or maybe they were trying to cash in on its notoriety,” Sophos stated, adding that the malware shares none of WannaCry’s functionality.
The firm advised users to install software only from trusted app stores, to use antivirus software and to apply patches frequently.
Sophos’ warning follows last month’s discovery of an Android malware called Judy thought to have infected up to 36.5 million devices.
Android users in China are particularly vulnerable to malware because of the country’s reliance on app stores that as often as not offer little or no screening.
“Many alternative markets are little more than a free-for-all where app creators can upload anything they want, and frequently do,” Sophos said in its advisory.
Unlike Apple’s App Store, Google Play is barred in China, along with most other Google services, including its search engine and mapping tools.
As a result, Google’s centralised online shop generally isn’t pre-installed on Chinese Android devices and is little used in the country, in spite of Android dominating the smartphone platform market there.
Put your knowledge of artificial intelligence (AI) to the test. Try our quiz!
Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…
Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…
Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…
Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…
Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal
Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…