New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Egregor Ransomware Claims Data Stolen from Crytek and Ubisoft

Late last week, the data leak site for the Egregor ransomware published a small amount of stolen data that they claim to have taken from video game development studios Crytek and Ubisoft. Neither Crytek or Ubisoft have confirmed the attacks or made any public statements. So far, a roughly 380MB zip archive with files stolen from Crytek and 20MB archive from Ubisoft have been published. Data from Crytek included information on several games, including one that was cancelled. Claims made by Egregor may hit Ubisoft the hardest, though, as the group claims that source code for the upcoming Watch Dogs: Legion game was also stolen in the attack.

Analyst Notes

With neither company confirming the attack, it is not yet known if the claims are true or how the infections began. If warnings by security researcher @malwrhunterteam earlier this year are anything to go by, however, it is likely that these attacks began through phishing campaigns. While video game development studios are likely to have backups of their games, ransomware infections still have a lot of potential for harm by leaking source code or other private information about design or development choices.