Genshin Impact devs are "currently working on" reported ransomware exploit

Genshin Impact association questions
(Image credit: Hoyoverse)

Genshin Impact developer Hoyoverse is aware of a reported ransomware exploit tied to the game's anti-cheat and is "currently working on" a fix. 

The new ransomware is said to co-opt the kernel-level anti-cheat software HoYoverse uses for Genshin Impact, using it to kill or bypass protections and antivirus processes to mass-deploy ransomware. Since Genshin Impact 3.0 just kicked off, it's no surprise that malicious programmers have set their sights on the popular game. 

GamesRadar reached out to HoYoverse for comment regarding this new exploit and was told that the devs are still working to figure out the best solution: "The HoYoverse team takes information security very seriously," a PR representative reads. "We're currently working on this case, and will find a solution as soon as possible to safeguard players' safety and stop potential abuse of the anti-cheat function. We will keep you posted once we have further progress."

Trend Micro first drew attention to the new exploit, reporting that "organizations and security teams should be careful" because of "the ease of obtaining" the driver involved and how easily it can then bypass your computer's privileges, spreading ransomware and/or malware like wildfire. 

This is reportedly due to a specific driver, mhyprot2.sys (a relic from Hoyoverse's days as Mihoyo), being repurposed by bad actors. Consequently, as long as this driver is on your PC, you don't even need to install all of Genshin Impact to be vulnerable to this exploit. 

Popular PC games like Genshin Impact are ideal targets for malware, as it's relatively easy to bait players into downloading something under the guise of an update, only to spread malware to their devices. Kernel-level anti-cheat systems, which aren't inherently unsafe and are generally much more effective at stopping cheaters than user-level counterparts, are also particularly susceptible to targeted security attacks like this due to the control they have over system operations.  

This Genshin Impact exploit seems to be isolated for the time being, but as ever, beware of suspicious downloads and ensure you have solid antivirus software on your PC. 

See what Genshin Impact codes you can claim right now with our updated list.

CATEGORIES
Alyssa Mercante

Alyssa Mercante is an editor and features writer at GamesRadar based out of Brooklyn, NY. Prior to entering the industry, she got her Masters's degree in Modern and Contemporary Literature at Newcastle University with a dissertation focusing on contemporary indie games. She spends most of her time playing competitive shooters and in-depth RPGs and was recently on a PAX Panel about the best bars in video games. In her spare time Alyssa rescues cats, practices her Italian, and plays soccer.