[ad_1]
Hackers who have targeted video game developer CD Projekt Red (CDPR) with a ransomware attack are now auctioning off the stolen source code they acquired for potentially millions of dollars in pay.
The flaw, which CDPR first revealed yesterday after learning about it on Monday of this week, involved critical game code linked to high-level releases like The Witcher 3 and Cyberpunk 2077. CDPR said at the time that it had no intention of responding to hackers’ requests, even though that meant material stolen in the hack had started circulating online.
This has now started to happen, it seems. Earlier today, leaks of potentially legitimate source code information began to appear in online forums, as reported on Twitter by the cybersecurity account vx-underground:
This first leak is believed to include source code for CDPR’s virtual card game Gwent, while vx-underground revealed that the auction for the most valuable source code is taking place on a hacking forum called Exploit. We were unable to verify this information and CDPR did not respond to a request for comment.
But a cybersecurity company called KELA, which specializes in providing threat intelligence to businesses based on scans of dark websites and web communities, says it has reason to believe the auctions are in fact legitimate. .
“We think this is a real auction by a real seller who accessed the data. The seller offers to use a guarantor and he only allows those who have a deposit to participate – a tactic used by many sellers to show they are serious and to ensure that no scams will occur, ”said a spokesperson for KELA. The edge.
KELA claims its threat intelligence analyst Victoria Kivilevich was able to download some of the information provided to her by someone claiming to be involved in the auction. Kivilevich thinks he is genuine and KELA shared screenshots with The edge of some of the file listings allegedly showing the stolen source code of Red Engine from CDPR, its in-house game engine platform.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22295499/WhatsApp_Image_2021_02_10_at_14.12.09.jpeg)
Image: KELA
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22295501/WhatsApp_Image_2021_02_10_at_14.12.10.jpeg)
Image: KELA
KELA says the auction offers source code files for Red Engine and CDPR game versions, including The Witcher 3: Wild Hunt, Thronebreaker: The Witcher Tales spin-off, and the recent Cyberpunk 2077. The stolen material is also believed to include internal documents, although it is not known what types of documents or additional material includes the full cache.
KELA claims the auction’s starting price is $ 1 million, with bids higher in increments of $ 500,000 and a buy-it-now price of $ 7 million. Only users who deposit 0.1 bitcoin can participate, which is why Kivilevich believes the hackers are serious about hosting the auction and that the material for sale is likely legitimate because it ensures that no one participating in the auction does not try to defraud the sellers.
Vx-underground also independently verified the pricing conditions of the auction after KELA provided the information to The edge, including screenshots alleging it will take place tomorrow at 5 a.m. ET / 1 p.m. Moscow Standard Time, and will last for up to 48 hours after the last offer.
Update: an error has been made. They have declared a starting offer of $ 1kk. This was assumed to be a typo for $ 1,000. They meant $ 1,000,000. They also sell immediately for $ 7,000,000.
Attached images provided by @DrFurfagMD pic.twitter.com/JnOcwnGqZk
– vx-underground (@vxunderground) February 10, 2021
It’s not clear whether the leak from the start of the day – which has already been removed from file download sites such as Mega and cleaned up from hacking forums and other sites – is somehow. other associated with the ransomware attack.
[ad_2]
Source link