icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
11 Feb, 2021 23:52

Cyberpunk hackers ‘sell off’ CD Projekt Red’s stolen source code after ransomware attack

Cyberpunk hackers ‘sell off’ CD Projekt Red’s stolen source code after ransomware attack

Hackers have reportedly sold off the source code of CD Projekt’s ‘The Witcher 3’ and ‘Cyberpunk 2077’ titles, after attempting to hold the Polish video game developer and publisher to ransom.

Fresh from a public outcry over the shambolic release of ‘Cyberpunk 2077’ before Christmas, CD Projekt Red (CDPR) was in the news again this week after it fell victim to an alleged cyberattack. Hackers claimed to have stolen the source code to the company’s ‘Red Engine’, which powers both ‘Cyberpunk 2077’ and ‘The Witcher 3’, a smash hit for the Polish studio. The hackers also claimed to have taken an unreleased version of ‘The Witcher 3’, and “documents relating to accounting, administration, legal, HR, investor relations and more.”

Also on rt.com CD Projekt’s bad luck gets worse: Cold-welcomed Cyberpunk 2077 developer faces cyberattack, ransom letter

CDPR refused to pay up, and the hackers were all set to go ahead with an auction, until cybersecurity firm Kela released screenshots of a post on the hacking forum Exploit, in which a user claiming to represent the hackers stated that they had received an offer, sold the files, and halted the auction.

As the mystery buyer reportedly paid up on condition that the files would not be resold, some commenters suspected that CDPR itself had got in touch with the alleged cybercriminals and bought back their own data. There was no public comment from the company at the time of writing.

The identity of the hackers is unknown, though one cybersecurity researcher told Wired that the hack likely involved the use of the HelloKitty ransomware, which was previously used to hack CEMIG, a Brazilian power company.

Think your friends would be interested? Share this story!