CD Projekt RED Hit by Ransomware Attack

Polish developer CD Projekt RED, known for the games Cyberpunk 2077 and The Witcher, was hit by a ransomware attack.

The hackers said they gained access to the source code of Cyberpunk 2077, The Witcher 3, and its unreleased version for PS5 and Xbox Series S|X, as well as Gwent. They also reportedly stole the company’s documentation.

The attackers threatened to publish the codes and documents if no agreement was reached. The studios gave them 48 hours to contact the hackers.

CD Projekt RED said it would not comply with the extortionists’ demands and has alerted law enforcement. The developer asserts that the compromised systems did not contain users’ personal data.

In turn, the attackers have already begun selling the stolen data.

This is the source code to ‘Gwent’ card game.

Witcher 3, CyberPunk 2077, etc is being auctioned today on EXPLOIT forums at a starting bid of $1,000USD.

The ransomware authors said they will not be auctioning data anywhere else — any other location other than EXPLOIT is fake.

— vx-underground (@vxunderground) February 10, 2021

Later, the seller said they had received an offer outside the forum that satisfied them.

According to Emsisoft researcher Fabian Wosar, the attack may be attributed to the hacker group HelloKitty.

Before CDPR the same group has hacked the Brazillian energy company CEMIG late last year. Earliest victims date back to November 2020, way before CyberPunk was even released.

I can see the appeal of the «this was revenge by a former fan», but life is much more boring than that.

— Fabian Wosar (@fwosar) February 9, 2021

Earlier, attackers spread ransomware via a fake Android beta version of Cyberpunk 2077.

Subscribe to ForkLog’s Telegram news: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.