Android Game Hides Crypto-Ransomware Exploit

There is a new encryption ransomware exploit hiding inside a spoofed copy of the popular Chinese game “King of Glory.”  Right now, this malware is affecting users in China, but it is a matter of time before another cyber-criminal group modifies it for English speaking victims.

This game is available on international gaming forums, and is being spread when gamers download a copy to their phone.   Once the game is downloaded, it replaces your home screen, and begins to encrypt any pictures, music, video, or document files it can find on the infected phone.  Then it presents a ransom demand in the style of the recent WannaCry crypto malware.

As a proof of concept, this exploit could be modified to present itself in any type of downloadable phone app, not just games.  Installing apps from forums or third party download sites is always risky.  The best way to protect yourself and your phone from this type of exploit is to only download games and apps from the Google Play store.

Other ways to stay safe are to keep your phone up-to-date by installing system updates and patches when they are offered by your service provider, and using an Android anti-malware app on your phone.

More information:


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.