Hackers of CD Projekt Crimson threaten to public sale stolen supply code
The video game developer behind the popular The Witcher and Cyberpunk 2077 series now faces a major cybersecurity dilemma that stems directly from its latest sci-fi action game.
Polish developer CD Projekt Red announced earlier this week that its servers had been compromised by an “unknown actor” who had managed to gain unauthorized access to the company’s internal network in order to copy data before the servers from CD Project Red were encrypted. The data copied by the hackers included source code and internal documents related to accounting, administration, legal, human resources and investor relations.
Hackers said they had received special source files for the games Cyberpunk 2077 and Gwent – a spin-off of the The Witcher card series. The malicious actors also claimed to have the source code for an unreleased version of The Witcher 3: Wild Hunt, which is believed to be intended for next-generation consoles.
The perpetrators sent CD Projekt Red a note along with the ransomware attack, in which the developer had 48 hours to pay a ransom so that the copied data would not be lost online.
In response to the threat, CD Projekt Red said it “would not give in to demands or negotiate with the actor as it may be aware that doing so could ultimately lead to the publication of the compromised date”. The developer also said it was taking steps “to mitigate the consequences of such a release, particularly by reaching out to interested parties”.
The 48 hours have now passed, and the perpetrators seem to make good on their threat. The Twitter user and data security expert vx-Underground reported that the copied data can already be auctioned in the Russian hacking forum EXPLOIT. The hackers reportedly set the starting bid for the entire data cache at $ 1 million.
Toms’ Hardware reported that the Gwent files were posted on other forums like 4chan, with the main download being hosted on Mega. However, it seems that these forums are working to prevent the code leak from spreading too much as there is evidence that the posts hosting the stolen files will be deleted.
CD Projekt Red has not yet responded to this threat, but Eurogamer reported that the company posted on social media urging its former employees to take precautionary measures following the cyberattack.