Genshin Impact developer HoYoverse is aware of a reported ransomware exploit tied to the game's anti-cheat and is "currently working on" a fix.
The new ransomware is said to co-opt the kernel-level anti-cheat software HoYoverse uses for Genshin Impact, using it to kill or bypass protections and antivirus processes to mass-deploy ransomware. Since Genshin Impact 3.0 just kicked off, it's no surprise that malicious programmers have set their sights on the popular game.
GamesRadar reached out to HoYoverse for comment regarding this new exploit and was told that the devs are still working to figure out the best solution: "The HoYoverse team takes information security very seriously," a PR representative said. "We're currently working on this case, and will find a solution as soon as possible to safeguard players' safety and stop potential abuse of the anti-cheat function. We will keep you posted once we have further progress."
Trend Micro first drew attention to the new exploit, reporting that "organizations and security teams should be careful" because of "the ease of obtaining" the driver involved and how easily it can then bypass your computer's privileges, spreading ransomware and/or malware like wildfire.
This is reportedly due to a specific driver, mhyprot2.sys (a relic from HoYoverse's days as miHoYo), being repurposed by bad actors. Consequently, as long as this driver is on your PC, you don't even need to install all of Genshin Impact to be vulnerable to this exploit.
Popular PC games like Genshin Impact are ideal targets for malware, as it's relatively easy to bait players into downloading something under the guise of an update, only to spread malware to their devices. Kernel-level