Security News > 2024 > April > HelloKitty ransomware rebrands, releases CD Projekt and Cisco data

HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
2024-04-19 19:20

An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.

To celebrate the launch, the threat actor released four private decryption keys that can be used to decrypt files in older attacks, as well as internal information stolen from Cisco in a 2022 attack and passwords for the leaked source code for Gwent, Witcher 3, and Red Engine stolen from CD Projekt in 2021.

One representative of the group compiling Witcher 3 known as 'sventek' told BleepingComputer that the leaked CD Projekt data is 450 GB uncompressed and contains source code for Witcher 3, Gwent, Cyberpunk, various console SDK, and some build logs.

In 2022, the data leak site for another ransomware operation, Yanluowang, was allegedly hacked to leak conversations between the members.

Cisco previously admitted in 2022 that it had been hacked by the Yanluowang ransomware group, an incident allegedly limited to the theft of non-sensitive data from a single compromised account.

"Cisco is aware of the recently published information referencing a security incident in May 2022. A detailed summary of the incident can be found in this August 2022 blog post by Cisco Talos, our threat intelligence research organization," Cisco told BleepingComputer today regarding the leak of data.


News URL

https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-rebrands-releases-cd-projekt-and-cisco-data/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751