Analytics & Intelligence Application Security Cybersecurity Data Privacy Data Security Featured Governance, Risk & Compliance Incident Response Network Security News Security Awareness Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Hackers Sell ‘Cyberpunk 2077’ Data and Source for Millions

by Richi Jennings on February 12, 2021

Ransomware scrotes have followed through on their threat to auction off the data they stole from CD Projekt Red: The hapless maker of the buggy game Cyberpunk 2077 had lax security and refused to pay the hackers’ ransom.

Angry customers suffering lag and crashes are feeling some Schadenfreude right now. But others smell a rat.

What would Keanu do? In today’s SB Blogwatch, we take the red pill.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Belay bay.

CDPR PR FAIL

What’s the craic? Dave Sebastian and Sarah E. Needleman report—“Hacker Breaches Game Maker”:

 CD Projekt SA … said an unidentified hacker accessed its internal network and collected corporate data in what the company described as a targeted attack. The company said … the purported hacker threatened to release the software code underpinning the blockbuster videogame and other works in progress.

The hacker gave the company 48 hours to contact them, according to … a ransom note. … The cyberattack is the latest issue facing the videogame developer whose reputation has been dented by the rocky rollout of its most ambitious project, “Cyberpunk 2077.”

But then, Jon Porter carries the story forward—“Hacked data has reportedly been sold”:

 CDPR said it would not give in to the demands or negotiate with the hackers, even if that meant the stolen data would begin circulating online. [And now] hackers have reportedly sold the game source code and other information stolen from Cyberpunk 2077 and The Witcher 3 studio CD Projekt Red (CDPR).

It is not known who purchased the data or how much it was sold for. However, the auction was thought to have included source code for Thronebreaker: The Witcher Tales spinoff, The Witcher 3, a ray-traced version of The Witcher 3, Cyberpunk 2077, and copies of the company’s internal documents.

How do we know? The anonymous gnomes behind KELA spake thuswise:

 CD Projekt Red auction is closed. Hackers auctioned off stolen source code for the Red Engine and CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling.

On the condition of whatnow? Heed the sarcastic scoff of pehash:

 These are surely “ethical” hackers: You pay them and they promise not to sell / distribute the code to anyone else! Seriously! Thief’s honor!

Given that so many Cyberpunk 2077 owners are complaining about the game, SuperKendall has an idea:

 Maybe CDPR should offer to pay the people that bought it if they can submit a pull request that fixes a substantial number of bugs?

Or was a disgruntled customer the hacker? Fabian Wosar—@fwosar just laughs:

 Judging by the ransom note … this was done by a ransomware group we track as “HelloKitty”. This … is just your average ransomware.

The same group has hacked the Brazilian energy company CEMIG late last year. Earliest victims date back … way before CyberPunk was even released.

The motivator here is money. … Occam’s razor, my friend.

Wait. Pause. Who are these CDPR people, anyway? Brad offers this history lesson:

 CDPR [were] scummy hackers at one time, at the very start of their careers. They used to hack and crack Western games, burn them onto CDs (that’s where they got their name from) and then sell the games as their own on the Black Market in Eastern Europe.

But I still believe this was all a great big hoax. They were never hacked. They just did all this as a stunt.

I just don’t accept that this was real and that someone else bought the stolen data. Either CDPR did, despite refusing to deal with the hackers — or they were the hackers and this was all a show.

And boy1dr has a similar thought:

 CDPR is probably the buyer, maybe it was cheaper than paying the ransom.

Meanwhile, mark mkvii1989’s words:

 What exactly did CDPR expect to happen when it refused to negotiate with the hackers?

And Finally:

Bay leaves are a scam. Change my mind.

Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Wilmer Martinez (via Unsplash)

Recent Articles By Author
More from Richi Jennings
Richi Jennings , , , , ,

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 704 posts and counting.See all posts by richi