The cyber attack on Cyberpunk 2077 developer CD Projekt was likely orchestrated by the identical ransomware gang liable for targeting Brazillian energy company CEMIG late very last year.
Which is in accordance to Emsisoft CTO Fabian Wosar, who shared his findings regarding this week’s attack on Twitter.
The ransomware gang responsible for the incident is known to security scientists as ‘HelloKitty’, named following the mutex deployed when the malware executable is introduced, as stated by BleepingComputer.
Wosar arrived to the summary following evaluating the ransom notes remaining on both occasions and acquiring convincing similarities. He also debunked the possibility that the attack on CD Projekt was orchestrated by a previous worker or a client left unsatisfied by the developer’s most recent release, Cyberpunk 2077. Following its launch in December 2020, the video game had garnered headlines owing to staying plagued with bugs.
“This has practically nothing to do with disgruntled gamers and is just your regular ransomware,” he explained on Twitter. “I can see the appeal of the ‘this was revenge by a former fan’, but lifetime is a great deal more tedious than that.”
The total of folks that are imagining this was done by a disgruntled gamer is laughable. Judging by the ransom be aware that was shared, this was performed by a ransomware group we observe as “HelloKitty”. This has nothing to do with disgruntled gamers and is just your average ransomware. https://t.co/RYJOxWc5mZ
— Fabian Wosar (@fwosar) February 9, 2021
In a statement confirming the attack, CD Projekt created it clear that they ended up not intending to give in to the hackers’ requires nor spend the ransom.
Questioned about the likely repercussions of this determination, Wosar informed IT Pro that the knowledge acquired by HelloKitty, which consists of paperwork made up of accounting, administration, authorized, HR, and investor relations facts, “will most possible be leaked”.
Speculating about the id of the hackers, Wosar stated that he “wouldn’t be stunned if the team or the affiliate who pulled off the hack grew up with western culture”.
“They surely have a much better command of the English language than your common ransomware thug. The ransomware is also missing the common examine for CIS nations,” he added.
In accordance to Wosar, HelloKitty has been lively considering the fact that November 2020. In December, the group targeted Brazillian electrical energy service provider CEMIG in an endeavor to get a significant quantity of the company’s information. The business stated that the ransomware attack “caused restricted damage” but managed to impact the company’s on-line support to its prospects.
Some parts of this write-up are sourced from: