The group that claims to be behind a recent CD Projekt “href =” https://www.videogameschronicle.com/companies/cd-projekt/ “> CD Projekt Red hack is auctioning off the stolen source code of Cyberpunk 2077” href = “https://www.videogameschronicle.com/games/cyberpunk-2077/”> Cyberpunk 2077 and The Witcher 3: Wild Hunt” href = “https://www.videogameschronicle.com/games/the-witcher-3 – wild-hunt / “> The Witcher 3.
According to Tom’s Hardware (via vx-underground), the files – which reportedly include an unreleased version of Witcher 3, possibly for PS5 and Xbox Series X / S – are being sold on the EXPLOIT forums with an initial bid of $ 1,000.
The ransomware attack was reportedly perpetrated by a group that goes by the name HelloKitty. She also posted the source code for the CD Projekt Red card game Gwent online, with the leak spreading to various forums.
CD Projekt Red revealed on Monday that it was the victim of a targeted cyber attack. In a statement, the developer said that some of his internal systems were compromised and “certain data” was stolen.
In an apparent ransom note published with the statement, the culprits alleged that they had stolen the source code for the games mentioned, as well as documents related to the company’s accounting, legal, HR and more.
If CD Projekt Red did not “make a deal” with them in 48 hours, the culprits said they would either sell or leak the content.
CD Projekt Red said it would not give in to the demands or negotiate with the people behind the attack, noting that this could lead to the disclosure of the compromised data.
“We are taking the necessary steps to mitigate the consequences of such a release, in particular addressing all parties that may be affected by the breach,” he said.
“We are still investigating the incident, but at this point we can confirm that – as far as we know – the compromised systems did not contain any personal data about our players or users of our services.”
CD Projekt Red said it has already approached relevant authorities, including police and IT forensic experts.
On Tuesday, the company also released a demonstration addressed to its former employees.
“To date, we have no evidence that any of your personal data has been accessed,” he said. “However, we still recommend caution (that is, enabling fraud alerts). If you have questions, write to our dpo privacy team[at]http://cdprojektred.com. “