The rampant cybercrime of hackers is often high-profile disclosure of the chips in their hands.
“If Ubisoft doesn’t contact us again, we will start publishing the source code of the upcoming Watch Dogs and its engine.” The ransomware group Egregor claims to have obtained from the internal networks of Ubisoft and Crytek, two of today’s largest game companies. , and even threatened to release the source code for the upcoming Watch Dogs: Legion. The details of how the hackers obtained the files are not yet known.
Ubisoft and Crytek are both established video game companies. Ubisoft is a video game developer and publisher headquartered in Rennes, France, founded in 1986. With 23 game development studios around the world, Ubisoft was the third largest independent game developer in Europe and the fourth largest independent game publisher in North America in 2008. Crytek is a video game developer founded in 1999 by the Yerli brothers. Crytek is headquartered in Frankfurt, Germany, and currently has a branch in Kyiv, Ukraine.
The ransomware gang allegedly posted the stolen data on the dark web on Tuesday. The details of how Egregor obtained the data are still unclear, but what is known is that this is not the first time Egregor has committed crimes. Ransomware gangs like them have invaded companies, stolen their data, encrypted files and demanded a ransom to decrypt the locked data.
Although files are sometimes found in criminal activities and kicked off internal networks, and files are not encrypted, ransomware gangs still threaten companies to leak sensitive files without paying a ransom. Once they couldn’t negotiate, the ransomware gang leaked some of the stolen files on a dedicated data breach website.
Parts of Ubisoft’s and Crytek’s data were simultaneously posted on the Egregor portal last Tuesday, and the ransomware gang threatened to leak more files in the coming days.
For the data leaked by Ubisoft, the Egregor gang shared some documents intended to show that they own the source code for one of the company’s “Watch Dogs: Legion” games. At the same time, they also said that this is a new game that will be released later this month. However, right now there is no way to verify whether these files are from a new game or a current version of the game.
In fact, this incident is not groundless, but traceable. Over the past year, security researchers have tried to contact Ubisoft and notified several of its employees of a phishing attack, but without results, potentially providing a criminal opportunity for hackers.
The hackers only stole 20 MB of memory data from Ubisoft, but they stole 300 MB of memory data from Crytek, which contained much more information.
The data leaked by Crytek appears to have been stolen by a ransomware gang from the company’s game development division. These documents contain resources and information about the development process of games such as Arena of Destiny and Warface, as well as Crytek’s legacy Gface social gaming network.
Neither Ubisoft nor Crytek responded to the data breach. Neither company reported this security incident nor any unusual or prolonged downtime, suggesting that the Egregor intrusion is unlikely to affect cloud and gaming systems, but only the back-office network, where most ransomware incidents have a lesser impact on the back-end network. big.
The ransomware operators said they hacked into Ubisoft’s network but only stole data, not encrypting any of the company’s files, while Crytek was fully encrypted.