Cyberpunk 2077 developer hit by ransomware

Cyberpunk 2077 developer hit by ransomware

CD PROJEKT RED, the game developer behind Cyberpunk 2077, announced earlier on Twitter that it has fallen victim to a targeted ransomware attack.

The company says it has backups for the affected systems and does not intend to pay the ransom. In their ransom note the attackers boast that they have stolen the source code for some of the company’s games, including its beleaguered flagship, Cyberpunk 2077.

Further details of the attack are still unknown as of this writing, but we’ll update this post accordingly as developments emerge.

The official announcement from the company reads:

Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.

We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

We are still investigating the incident, however at this time we can confirm that—to our best knowledge—the compromised systems did not contain any personal data of our players or users of our services.

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensice specialists, and we will closely cooperate with them in order to investigate this incident.

The full text of the ransomware note left by the threat actors reads:

@
!!!!!!!!!!!!!!!!!! Hello CD PROJEKT !!!!!!!!!!!!!!!!!!

You have been EPICALLY pwned!!

We have dumped FULL copies of the source codes from your Perforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3!!!

Also, we have encrypted all of your servers, but we understand that you can most likely recover from backups.

If we will not come to an agreement, then your source coded will be sold or leaked online and your documents will be sent to our contacts in gaming journalism. Your public image will go down the shitter even more and people will see how you shitty your company functions. Investors will lose trust in your company and the stock will dive even lower!

You have 48 hours to contact us.

Challenges associated with Cyberpunk 2077’s release did not hinder it from becoming one of the most well-known name in the video gaming industry to date. And this popularity alone is a reason for cyber criminals to start banking on the brand.

And they have.

More than a week after the game’s official release on the PlayStation 4, Stadia, Windows, and Xbox One, cybercriminals were caught mimicking a mobile version of Cyberpunk 2077—something that really doesn’t exist. According to Tatyana Shishkova, a researcher from Kaspersky, the purported mobile game is ransomware.

Just yesterday, CD PROJEKT RED released a Cyberpunk 2077 hotfix for a flaw that allows any third-party to modify data and save game files.

ABOUT THE AUTHOR