Developers of Cyberpunk 2077, Witcher and other videogames suffer ransomware attack

CD Projekt Red, a videogame developing company, revealed this morning that it was the victim of a ransomware attack that compromised its IT systems and would have resulted in the theft of sensitive data. The developers of popular titles like Cyberpunk 2077 confirmed the news via Twitter.

In a ransomware attack, cybercriminals use powerful malware variants capable of encrypting access to files or entire computer systems, requiring victims to pay a ransom, usually in cryptocurrency, to restore affected resources to normal. This remains one of the most common and dangerous cyberattack variants.

The company revealed that the perpetrators of the attack left a ransom note threatening to publish all sorts of confidential details if their demands are not met, including the source code of their video games.

Projekt Red CD security teams are already restoring their systems using backups, which they claim have not been affected by this incident: “We will not give in to the demands of threat actors,” the company said. “We are taking the necessary steps to mitigate the negative impact of the attack, as well as contacting any user or organization that might be affected.”

The security report mentions that, so far, there is no evidence of the leakage of any personal record of its users.

On the ransom note, threat actors claim to have stolen the source code from titles like Cyberpunk 2077, Witcher 3 and Gwent, and claim to have stolen legal, accounting, administration and human resources documents: “YOU HAVE BEEN EPICALLY PWNED”, mentions the ransom note. Threat actors ensure that information will be shared with journalists, hacking groups and even video game piracy enthusiasts, dedicated to developing their own versions of a game from the theft of information as source code.

In this regard, security firm manager F-Secure Calvin Gan mentions: “While we still don’t know how cybercriminals gained access to affected systems, these kinds of incidents always remind us of the need to take a proactive stance to address threat actors; every organization must work to reduce the chances of a cyberattack.”

Cyberpunk 2077 has been targeting the cybersecurity community for days, when its developers warned of a security flaw that could allow a remote code execution attack by downloading a set of additional files, so they recommend avoiding the use of tools from unknown sources.