Dark Web actors are selling source codes of FIFA 21 and Cyberpunk 2077 – The trend of targeted cyber attacks against e-gaming giants continues.
The source codes of the computer game Cyberpunk 2077 was published on the Dark Web by the newly appeared “PayloadBIN” ransomware group.
“Underground sources connected PayloadBIN with Babuk Ransomware. Ransomware actors keep masquerading their operations under different names – one of the tactics used to blur attribution. In the uploaded 274,8 GB (in 5 parts) – some fragments seem to be authentic with what has been leaked before by HelloKitty Ransomware. Both groups seem to be significantly interconnected” – said Nishan Sah, a cyber threat intelligence analyst with Resecurity. Actors are frequently changing their brand in DarkWeb to remain anonymous. In some cases, it is a matter of OPSEC or activity of their affiliates working for multiple ransomware gangs.” – he added.
In February of this year, the Polish studio became a victim of a hack where hackers gained access to the source code of Cyberpunk 2077, The Witcher 3: Wild Hunt and Gwent, as well as the company’s internal documents. Two days later, the hackers put up for sale the information they received on a file hosting service and asked for $ 7 million for it.
The result of such significant intellectual property theft resulted in big disputes not just in the gaming community, but also affected relationships between investors and hacked gaming studio.
U.K.-based Abri Advisors, which didn’t specify how big a stake it holds in CD Projekt, wrote to the studio’s board expressing “utter dismay and disbelief with developments at the company over the last 12 months” on behalf of all shareholders.
Since Cyberpunk’s debut, the studio’s stock has lost 57%, erasing 22.6 billion zloty ($6.2 billion) in value.
“I don’t think you could have intentionally tried to make so many mistakes as these guys have made,” Abri’s Chief Executive Office Jeffrey Tirman said in an interview. “It’s really shocking.”
Hackers have stolen FIFA 21 and Battlefield engine source code from Electronic Arts
Another group of threat actors, presumably closely tied to Kickass underground community, hacked into the servers of Electronic Arts – a company that publishes games like Battlefield, FIFA and The Sims – and stole 780GB of the game’s source code and associated internal tools. EA has already confirmed the leak but noted that hackers did not gain access to player data.
According to Resecurity the initial posting with a proposal to buy data stolen from EA Games has been initially published by Cyberjagu, one of the members at Kickass underground forum, which is known for trading compromised data and intellectual property stolen from various companies. Later, the same offering has been published on XSS and Raidforums by actors with different monickers.
The hackers claimed they were able to steal the source code of FIFA 21, as well as the server code for matchmaking. In addition, the source code and tools for the Frostbite engine, which is used in a number of EA games, including Battlefield, were also stolen.
All in all, the hackers say they have 780 GB of data and advertise it for sale on various underground hacking forums. According to sources, the starting point of the breach could be in a compromised Slack account, later used by threat actors to target other segments of EA Games network infrastructure with help of social engineering.
EA Games have already confirmed the leak, but according to the company, user data has not been affected
“We are investigating a recent invasion of our network in which a limited amount of the game’s source code and related tools were stolen. Player data has not been accessed and we have no reason to believe that there is any risk to player privacy. After the incident, we have already made improvements to the security system and do not expect that this will affect our games or our business, “- noted EA Games spokesperson.
The press service of Electronic Arts reported that the data of the players were not affected during the attack, so users should not worry about the leak. It is also reported that after the discovery of the hack, EA Games specialists took all measures to improve security.
After the incident, the company increased their security – EA Games stated that the incident should not affect the stability of the games themselves. EA Games is now working with law enforcement to investigate the incident.
Catch up on more articles here
Follow us on Twitter here