CD Projekt Red Hackers Allegedly Ready To Auction Stolen Source Code

The reception area at CD Projekt’s office in Warsaw, Poland.
The reception area at CD Projekt’s office in Warsaw, Poland.
Photo: CD Projekt

Earlier this week, Cyberpunk 2077 developer CD Projekt Red announced that its cybersecurity had been compromised, resulting in attackers gaining access to various internal files. Now, it appears as if those hackers are ready to cash out with a big-money auction of the data, which allegedly includes source code for some of the Polish studio’s biggest games.

Advertisement

According to malware data aggregator vx underground (h/t Tom’s Hardware, Eurogamer), the CD Projekt Red hackers have apparently surfaced on Exploit, a Russian hacking forum. Screenshots show a user named redengine claiming to have source code for Cyberpunk 2077, The Witcher 3: Wild Hunt (both the original game and an upcoming raytracing-enabled version) and Thronebreaker: The Witcher Tales.

The dump is also said to include a variety of internal documents and what the seller vaguely refers to as CD Projekt Red “offenses,” though the studio assured former employees yesterday that no personal information was accessed.

The auction starts in roughly 14 hours with a starting bid of $1 million, though there’s some doubt in hacking circles it will get anywhere close to that amount. The Exploit forum post also says that the data is available for a flat payment of $7 million before things get under way.

Similar to what we saw with last year’s Capcom hack, bits and pieces of the stolen CD Projekt Red files have allegedly started to make the rounds online. A now-deleted 4chan post included what appeared to be a download link for the Gwent source code; Kotaku has not been able to verify its authenticity.

CD Projekt Red previously stated that it will not be playing ball with the hackers.

“We will not give in to the demands nor negotiate with the actor, being aware that this may eventually lead to the release of the compromised data,” the studio said in an official statement on Monday. “We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.”

Staff Writer, Kotaku

DISCUSSION

istrasci
istrasci

More like Cyberpunk’d, am I right?