Cyberpunk Developer Hit with Ransomware Attack

CD Projekt Red (CDPR) was the internet’s favorite developer just a few months ago, but the tide has turned following the troubled release of Cyberpunk 2077. In true cyberpunk fashion, things are getting even worse for CDPR today following a major cyberattack. The perpetrators claim to have swiped source code to the company’s games, as well as embarrassing internal documents. All will be released unless CDPR pays up, which it says it isn’t going to do.

The unnamed attackers were able to access CDPR’s Perforce server, which is a software development and management platform. From this, the attackers claim to have extracted the source code for The Witcher 3 and Cyberpunk 2077. In addition, they vacuumed up PR, administration, and investor relations documents. This was technically a ransomware event, so the attackers encrypted CDPR systems.

The threat, then, is two-fold: pay up to get the decryption key and prevent the perpetrators from releasing the data. CDPR points out it had backups and has already started restoring them — the Polish dev will not be negotiating with the attackers, so the release of data might be inevitable. Assuming, of course, that this isn’t a bluff on the part of the attackers. In its statement, CDPR clarifies that the stolen data does not contain any personal information belonging to players.

An investigation is ongoing, and CDPR says it has fixed the security hole that allowed the attackers access in the first place. It didn’t address the claim that sensitive information was in the wild and might appear for download at some point. Likewise, the developer didn’t talk about how, if at all, this attack will slow its progress on fixing Cyberpunk 2077.

Important Update pic.twitter.com/PCEuhAJosR

— CD PROJEKT RED (@CDPROJEKTRED) February 9, 2021

CDPR has been teasing Cyberpunk for the better part of a decade, but the launch in late 2020 was a disappointment for many. The game didn’t run well on current-generation consoles, and even on the PC, you needed a very expensive video card to turn on any of the fancy lighting effects. This is also coming at a time when high-end PC hardware is more expensive and harder to find than usual. The developer has promised several major updates to address the performance issues, but the design of the world has also drawn criticism. For example, Night City police will simply spawn on foot wherever you are when you’ve got a wanted level, but you can’t get in a car chase. Another thing you can’t do in Night City: get a haircut. That’s a little too close to reality right now.

Clearly, CDPR still has a lot of work to do on Cyberpunk, and this will probably delay things. If the attackers do end up releasing or selling the stolen data, maybe we’ll see some internal documents that help explain how Cyberpunk ended up such a mess.
