Ubisoft, Crytek data posted on ransomware gang’s site

A ransomware gang going by the of Egregor has leaked data it claims to have obtained from the internal networks of two of today’s largest gaming companies — Ubisoft and Crytek.

Data allegedly taken from each company has been published on the ransomware gang’s dark web portal on Tuesday.


Image: ZDNet

Details about how the Egregor gang obtained the data remain unclear.

Ransomware gangs like Egregor regularly breach companies, steal their data, encrypt files, and ask for a ransom to decrypt the locked data.

However, in many incidents, ransomware gangs are also get caught and kicked out of networks during the data exfiltration process, and files are never encrypted. Nevertheless, they still extort companies, asking victims for money to not leak sensitive files.

Usually, when negotiations break down, ransomware gangs post a partial leak of the stolen files on so-called leak sites.

On Tuesday, leaks for both Crytek and Ubisoft were posted on the Egregor portal at the same time, with threats from the ransomware crew to leak more files in the coming days.

For the Ubisoft leak, the Egregor group shared files to suggest they were in possession of source code from one of the company’s Watch Dogs games. On its web portal, the group touted they were in possession of the source code for the Watch Dogs: Legion game, scheduled to be released later this month. It was, however, impossible to verify that these files came from the new game, rather than an existing release.


Image: ZDNet

For the past year, security researchers have tried to reach out and notify Ubisoft about several of its employees getting phished, with no results, which may provide a clue of how the hackers might have got it.

But while hackers leaked only 20 MB from Ubisoft, they leaked 300 MB from Crytek, and this data contained a lot more information.

The Crytek files included documents that appeared to have been stolen from the company’s game development division. These documents contained resources and information about the development process of games like Arena of Fate and Warface, but also Crytek’s old Gface social gaming network.


Image: ZDNet

Image: ZDNet

Image: ZDNet

Neither Ubisoft nor Crytek responded to emails seeking comment on the leaks. None of the companies reported major security incidents weeks, nor any abnormal and prolonged downtimes, suggesting the Egregor intrusion didn’t likely impact cloud and gaming system, but merely backend office and work networks, where most ransomware incidents usually incur damages.

However, in an email interview with ZDNet, the Egregor gang provided more details about the two incidents. The ransomware operators said they breached the Ubisoft network, but only stole data, and did not encrypt any of the company’s files.

On the other hand, “Crytek has been encrypted fully,” the Egregor crew told ZDNet.

The Egregor group said that neither company engaged in discussions, despite their intrusions, and no ransom has been officially requested yet.

“In case Ubisoft will not contact us we will begin posting the source code of upcoming Watch Dogs and their engine,” the group threatened, promising to publish more data in a press release tomorrow.

Source link

Recent articles

Apollo founder’s ties to Jeffrey Epstein prompt a pension fund to halt new investments.

A pension fund for Pennsylvania teachers said it had frozen new investments with Apollo Global Management amid concerns about ties between its founder,...

Used business aircraft market boosted by first-time buyers | News

Wealthy individuals wary of travelling on commercial airlines are boosting the used business aircraft market, according to trade brokerage Jetcraft. The US company, which...

Disability Visibility: First-Person Stories from the Twenty-First Century | Review

Alice Wong (editor)Crown Books2020 | 240pp | £11.99ISBN 9781984899422 Buy this book on Amazon.co.uk A magnetar is born in a gamma-ray burst, an incredibly powerful astronomical...

We have two inherited IRAs, one for a spouse and one for adult children — can you help us figure it out?

Q: My family is having difficulty with IRA RMDs and spousal continuation. Any insight...

Israel strikes Gaza after rocket attack | Middle East

Israeli army says it struck Hamas military targets in the besieged strip after two rockets were fired into Israel.The Israeli military says it...

Leave a reply

Please enter your comment!
Please enter your name here