MCV/DEVELOP News, events, research and jobs from the games industry
The data stolen from CD Projekt Red during the recent online attack has reportedly been sold.
Just in: #CDProjektRed AUCTION IS CLOSED. #Hackers auctioned off stolen source code for the #RedEngine and #CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling. pic.twitter.com/4Z2zoZlkV6
— KELA (@Intel_by_KELA) February 11, 2021
Kela, a cyberintelligence firm, shared the information via Twitter, showing forum posts in which the hackers had successfully auctioned off the stolen data.
“An offer was received outside the forum that satisfied us,” reads the post. “With the conditions of further non-distribution, in this regard, they were forced to withdraw the lot from sale”
The dark web auction started at $1 million, with a “buy now” option of $7 million. However, it is not clear exactly how much money was exchanged for the stolen data, as the auction was closed following an outside offer.
According to Vx-underground, the hackers were selling source code for Cyberpunk 2077, Thronebreaker and The Witcher 3, as well as an unreleased version of the Witcher 3 that included raytracing.
The attack took place early this week, with CD Projekt Red taking the unusual step of releasing the ransom note along with its own statement.
The ransom note listed the source code for the games apparently sold during the auction, as well as a host of sensitive information.
The message read in full [sic]:
“Your have been EPICALLY pwned!!
We have dumped FULL copies of the source codes from your Perforce server for Cyberpunk 2077, Witcher 3, Gwent and the unreleased version of Witcher 3!!!
We have also dumped all of your documents relating to accounting, administration, legal, HR, investor relations and more!
Also we have encrypted all of your servers, but we understand that you can most likely recover from backups.
If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism. Your public image will go down the shitter even more and people will see how you shiity your company functions. Investors will lose trust in your company and the stock will dive even lower!
You have 48 hours to contact us.”
