Update: Corrected starting bid info. Original article follows:
Yesterday, news broke that hackers breached CyberPunk 2077 studio CD Project Red (CDPR). The hackers gave CDPR 48 hours to respond to their ransom demands, and it seems that time is already up. The group claiming to be behind the hack has now posted the source code of CD Projekt Red's 'Gwent' card game on a hacking forum and claim to be auctioning off the source code for Witcher 3 and CyberPunk 2077 on the EXPLOIT forums with a starting bid of $1 million, or the option to buy it upfront for $7 million.
The hackers claim to have also obtained source files for Cyberpunk 2077, Gwent, and an unreleased version (probably for next-gen consoles) of The Witcher 3.
This is the source code to 'Gwent' card game. Witcher 3, CyberPunk 2077, etc is being auctioned today on EXPLOIT forums at a starting bid of $1,000USD.The ransomware authors said they will not be auctioning data anywhere else - any other location other than EXPLOIT is fake.February 10, 2021
As spotted by vx-underground, a well-known entity in the data security space, the data is already up for auction with a few sample bits of code available on the Exploit forum. The starting bid was set at $1,000,000 for the full cache, but it's easy to imagine it will sell for a much higher price.
Meanwhile, the leaked Gwent files also appear to have made their way to a handful of other forums, including 4Chan, with the main download hosted on Mega. We found traces of the threads, but they have since already been removed and de-activated. As such, we are unable to confirm the validity of the leak.
Either way, it appears Mega, 4Chan, and other forums are actively working to ensure the Gwent code, which appears to be the first leak installment to take place, doesn't end up in too many public hands.
Releasing the ransomed data in separate stages is a standard method to threaten the target. In this case, the hackers are using the tactic to remind CD Project Red that they are serious about the ransom.
However, it is important to note that, thus far, we have been unable to find the source files ourselves or confirm the original attack — all we have is CDPR's word about the attack, along with traces and screenshots of the data cache. CDPR has remained defiant in the face of the ransom demands, saying it won't cave into the demands.
Actually kind of thrilling... but not enough to make me quit my day job.
Did they fix the bugs in CP 2077?
Old school detective work there well done.
Sounds like something I would to.
And you never ever give into hacker demands ever. It will not encouraged them to do more. And they were untrustworthy to begin with. So you can't take them at their word.
I won't call myself a gamer anymore. I associate the word "gamer" now with overpriced motherboards, tacky LEDs, bi-polar kids cussing at each over garbled mics, raging chauvinism, charlatan developers, and the kind of mentally imbalanced pettiness highlighted in this article.
Screams "grounded in reality", doesn't it? I'll bet he's a minor.