The hackers behind last month’s attack on game developer CD Projekt Red (CDPR) are auctioning off stolen data as part of a ‘charity auction’.
CDPR was hit in early February last month by a major ransomware attack. The attackers stole company documents, including those relating to accounting, administration legal, HR, and investor relations. They also stole source code for some of the company’s games.
The company is famous for developing the popular Witcher games, along with the highly anticipated Cyberpunk 2077 game.
According to cybersecurity researchers Emsisoft, the ‘HelloKitty’ cybercriminal group is holding an auction for passwords to CDPR’s game data. Each password is reported to cost $10,000. The proceeds, they are claiming, will go to charity.
Emsisoft discovered a Tor site believed to belong to ‘HelloKitty’, with a public torrent file having been created around March 13th.
At the time of the attack, CD Projekt Red said that the hackers had not stolen any personal data.
While the attackers demanded a ransom to return the data, CDPR refused to pay. In turn, the attackers threatened to sell the stolen data online, or leak the data to gaming journalists.
- Scot-Secure 2021 | Resilient cybersecurity with Managing CISO Jordan Schroeder
- Scotland’s AI strategy outlines ambitious plans to become ‘AI powerhouse’
- Cumulus Oncology inks landmark deal with German Lead Discovery Center
An initial auction was started on an auction site, EXPLOIT, within the 48-hour ransom window after the attack. Bids on the data started at $1 million, or $7 million at a ‘buy-it-now’ price. Although the data was not sold at that auction, rumours suggested that the data had been sold outside the platform.
Since then, several Tweets were made containing links to CDPR’s data. In turn, the company has since issued takedown requests under the US Digital Millennium Copyright Act (DMCA) to curb the stolen source code from being distributed.
Any game released using the stolen source code would likely earn the publisher or developer a lawsuit. As such, it is hard to image why anyone would buy the code, especially for such a high price.
The attack pushed back a patch for CDPR’s latest release Cyberpunk 2077. While popular, the game was criticised on release over performance issues.
In addition, the company had to delay its yearly earnings report, pushing it back from March 30th to April 19th.
Join the Debate | Scot-Secure 2021
The rising threat from ransomware attacks and how to deal with them will be a key area of discussion at the upcoming Scot-Secure Cybersecurity Conference on March 24-25th.
Hear from leading experts from across the cybersecurity sector and explore the crucial issues.
Register your free place now at: https://www.scot-secure.com