This week, Egregor ransomware operators published on their website on the darknet data that allegedly was stolen from the largest game developers – Ubisoft and Crytek. It is unclear how exactly this information got into the hands of criminals.
As a rule, ransomware like Egregor break into companies, steal data, encrypt files and then demand a “double ransom”: for decrypting files, as well as for not disclosing stolen data.However, hackers are often caught in the process of attacking and stealing data, that is, they manage to steal information, but not encrypt files.
Having as example Maze ransomware, cybercriminals publish some of the data on special sites to prove their seriousness.
ZDNet journalists report that they were able to ask several questions to the attackers, and they confirmed that they had hacked the Ubisoft network, but only stolen the data and did not encrypt the company’s files.
At the same time, the hackers reported that “Crytek was completely encrypted.”
In particular, the hackers have published only 20 MB of files allegedly stolen from Ubisoft, but claim that they have the source code for the game Watch Dogs: Legion, which is scheduled for release later this month. However, there is no reliable evidence of this yet.
As for Crytek, in this case, more files were published – a total of 300 MB. Here you can find documents clearly stolen from the company’s development department. These papers contain information on the development process for games like Arena of Fate and Warface, as well as the old social network Gface.
Neither Ubisoft nor Crytek have commented on the situation. Moreover, in recent years, none of the companies have reported serious security problems, and their work has not experienced any prolonged downtime or disruptions, that is, the Egregor attack obviously did not have a strong impact on the companies’ operations.
Developers of popular games often fall prey to hackers – let me remind you that we talked about attacks on developers of the Ragnarok Online.