CD Projekt Red 'EPICALLY pwned': Cyberpunk 2077 dev publishes ransom note after company systems encrypted
2021-02-09 12:28

CD Projekt Red, the Polish developer of Cyberpunk 2077 and The Witcher 3, has disclosed a major security incident in which several company systems were encrypted and confidential data stolen.

"If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism," wrote the attackers, who added CD Projekt Red had a 48-hour deadline to respond to their demands.

Equally troubling, the attackers said they were able to exfiltrate documents from parent company CD Projekt's various administrative and business development departments.

While CD Projekt is best known for the AAA titles produced via its Red wing, it also dabbles in services, operating an online game marketplace called GOG. This platform competes directly with Steam, EA Origin, and the Epic Games Store, albeit with a focus on DRM-free retro and indie titles.

This view was shared by Jake Moore, security specialist at ESET, who said: "This is quite possibly the eventuality that CD Projekt have been expecting for quite some time. As frustrating as it must be, it appears that the company has the correct protocol in place to withstand such demands and upheaval by refusing to pay the attackers. All good businesses have critical redundancies in place to mitigate the risk and this can only be truly simulated by testing the backups regularly and red teaming the company."

"Based on the note shared by CD Projekt Red, this appears to be an attack on the company's software development process that led to the hackers getting in. Finding a tool that is not secured properly and then using lateral movement within the network to launch ransomware has become a more common approach for hackers, as it does lead to ransom payments. However, the note may not be telling the truth, and the issue may be elsewhere."


News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/09/cd_projekt_red_hack/