CD Projekt Red’s stolen data last February is now circulating online, the company stated. The developer behind popular games such as “The Witcher 3” and “Cyberpunk 2077” said that it couldn’t confirm the exact contents of the data being circulated but believes it is related to its contractors, employees, and games.
CD Projekt also warned that the data might have been tampered with, and what is posted online may not be 100% accurate.
CD Projekt Hacked Data
The studio first announced that it had fallen victim to a ransomware attack four months ago. The company said that the hackers had managed to access certain data, according to The Verge.
CD Projekt Red posted the ransom note that it received in which the hackers claimed to have access to the company’s source code from its famous games, including “Cyberpunk 2077,” “The Witch 3,” and “Gwent.”
The note also stated that the hacked data included details relating to its accounting, HR, and other internal operations.
Also Read: FiveHands Ransomware Seen to be Exploiting SonicWall–Similar to ‘HelloKitty’ Ransomware?
CD Projekt Red said that it would not give in to the demands of the hackers, and days later, the hackers claimed to have sold the data online and did not specify which forums it had sold the data to.
The hackers only hinted that they had found a buyer outside of a hacking forum auction, although the nature of the sale raised some questions about whether they were able to find a buyer at all.
Emsisoft threat analyst Brett Callow wrote in a blog post that he thought it was likely that the hackers were just claiming to have found a buyer in order to save face after having failed to get money from CD Projekt Red.
CD Projekt Red has admitted that hackers were able to encrypt some of its employee data on its network, as posted on their official Twitter account.
However, the company said that its investigation had found no concrete evidence that the data had been transferred out of their systems.
The hack followed the troubled launch of the studio’s latest blockbuster title, “Cyberpunk 2077.” Although it sold well and was initially well-received by critics, the players discovered that the game was filled with bugs to the point that it was almost unplayable on older consoles.
The situation got so bad that the game was pulled from the PlayStation Store just a week after it was launched.
CD Projekt Red said that it is continuing to work with law enforcement and outside experts as it responds to the hack, and it is committed and prepared to take action against anyone caught sharing the stolen data.
Possible Ransom Price
Back in February, Wired reported that the starting price for the auction of the source code for “Gwent” was $1 million, with a buy-it-now price of $7 million.
Even though the name of the hackers has not been officially named, a security researcher believed it involved the use of the HelloKitty ransomware, which had also been used to hack a Brazilian power company called CEMIG.
The HelloKitty ransomware emerged in 2020-the primary delivery method of HelloKitty binaries through phish email or secondary infection with other malware.
Related Article: CD Projekt Red Hit with ‘HelloKitty’ Ransomware Attack-Threatens to Leak ‘Cyberpunk,’ ‘The Witcher 3’ Data
This article is owned by Tech Times
Written by Sophie Webster
ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.