Genshin Impact devs are “currently working on” reported ransomware exploit

Genshin Impact developer Hoyoverse is aware of a reported ransomware exploit tied to the game’s anti-cheat and is “currently working on” a fix. 

The new ransomware is said to co-opt the kernel-level anti-cheat software HoYoverse uses for Genshin Impact, using it to kill or bypass protections and antivirus processes to mass-deploy ransomware. Since Genshin Impact 3.0 just kicked off, it’s no surprise that malicious programmers have set their sights on the popular game. 

GamesRadar reached out to HoYoverse for comment regarding this new exploit and was told that the devs are still working to figure out the best solution: “The HoYoverse team takes information security very seriously,” a PR representative reads. “We’re currently working on this case, and will find a solution as soon as possible to safeguard players’ safety and stop potential abuse of the anti-cheat function. We will keep you posted once we have further progress.”

Trend Micro (opens in new tab) first drew attention to the new exploit, reporting that “organizations and security teams should be careful” because of “the ease of obtaining” the driver involved and how easily it can then bypass your computer’s privileges, spreading ransomware and/or malware like wildfire. 

This is reportedly due to a specific driver, mhyprot2.sys (a relic from Hoyoverse’s days as Mihoyo), being repurposed by bad actors. Consequently, as long as this driver is on your PC, you don’t even need to install all of Genshin Impact to be vulnerable to this exploit. 

Popular PC games like Genshin Impact are ideal targets for malware, as it’s relatively easy to bait players into downloading something under the guise of an update, only to spread malware to their devices. Kernel-level anti-cheat systems, which aren’t inherently unsafe and are generally much more effective at stopping cheaters than user-level counterparts, are also particularly susceptible to targeted security attacks like this due to the control they have over system operations.  

This Genshin Impact exploit seems to be isolated for the time being, but as ever, beware of suspicious downloads and ensure you have solid antivirus software on your PC. 

See what Genshin Impact codes you can claim right now with our updated list.

About Fox

Check Also

Valorant devs are “working on a couple of changes” across Fracture map

Valorant’s Fracture map will shortly be getting an overhaul. In a brief video on Twitter, …

Leave a Reply