CD PROJEKT RED RANSOMWARE ATTACK

CD PROJEKT RED, the video game developer behind Cyberpunk 2077 and the Witcher trilogy, announced that it has been the victim of a ransomware attack that affected its network. The Polish gaming company said in a statement that the attackers breached its internal network and were able to steal data related to CD PROJEKT Capital Group before encrypting systems and leaving a ransom note. “We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them to fully investigate this incident,” CD PROJEKT RED stated.

The attackers claim that they were able to steal the complete source code of Cyberpunk 2077, the Witcher 3, Gwent, and an unreleased version of Witcher 3. The attackers also claim to have stolen accounting, administration, legal, HR, and investor relations documents before they encrypted the systems. According to CD PROJEKT RED, “We are still investigating the incident, however at this time we can confirm that — to our best knowledge — the compromised systems did not contain any personal data of our players or users of our services.” The company states that it will refuse to negotiate with the attackers and plans to restore its systems internally.

Analyst Notes

Negotiating with and paying ransomware operators only emboldens them to carry out further attacks. It is highly recommended never to pay these attackers: once they have stolen a company’s data, there is no guarantee that the criminals will erase it or that they will not leak it after the ransom is paid. To mitigate the effect of systems being encrypted, apply the 3-2-1 rule for backups: maintain three copies of the data on two different storage media, with one of them offsite. In the event of an attack, it is also recommended to notify the appropriate law enforcement agencies so that, if the attackers can be identified, they can be prosecuted.

Source Article: https://www.bleepingcomputer.com/news/security/cd-projekt-red-gaming-studio-hit-by-ransomware-attack/