has leaked data supposedly from the internal networks of two of today’s largest gaming companies – Ubisoft and Crytek.
🚨Breaking: new #Sekhmet #Ransomware (spin-off?) calling itself #Egregor. Extension random but has an XOR'd filemarker. Note still "RECOVER-FILES.txt" (https://t.co/hgsvJaoCr1) with a new site. pic.twitter.com/4Q3kdOapK7— Michael Gillespie (@demonslay335) September 18, 2020
Data allegedly from each company was released on the ransomware gang’s dark web portal on Tuesday.
Details of how the Egregor gang obtained the data remain unclear.
Ransomware gangs like Egregor routinely harm businesses, steal their data, encrypt files, and demand a ransom to decrypt the locked data.
In many cases, however, ransomware gangs are intercepted and thrown off networks during the data exfiltration process, and files are never encrypted. Even so, they still blackmail the companies, asking victims for money in exchange for not leaking sensitive files.
When negotiations collapse, ransomware gangs usually publish a partial leak of the stolen files on so-called leak sites.
On Tuesday, leaks for Crytek and Ubisoft were published on the Egregor portal at the same time. The ransomware crew threatened to leak more files in the coming days.
For the Ubisoft leak, the Egregor group released files to indicate that they were in possession of the source code of one of the company’s Watch Dogs games. On their web portal, the group indicated that they owned the source code for the Watch Dogs: Legion game, which is due to be released later this month. However, it was impossible to verify that these files were from the new game and not from an existing version.
Security researchers have tried for a year to contact Ubisoft and notify it that some of its employees were being phished, with no results, which may be an indication of how the hackers got in.
While the hackers leaked only 20MB from Ubisoft, they leaked 300MB from Crytek, and that data contained a lot more information.
The Crytek files contained documents that appeared to have been stolen from the company’s game development department. These documents included resources and information about the development process for games like Arena of Fate and Warface, but also Crytek’s old Gface social game network.
Neither Ubisoft nor Crytek responded to emails requesting comment on the leaks. Neither company has reported a major security incident or unusual and prolonged downtime in recent weeks, which suggests that the Egregor intrusion likely had no impact on cloud and gaming systems, but only on back-office and work networks, where most ransomware incidents usually cause damage.
However, in an email interview with ZDNet, the Egregor gang disclosed more details about the two incidents. The ransomware operators said they breached Ubisoft’s network but only stole data and did not encrypt any of the company’s files.
“Crytek was completely encrypted,” said the Egregor crew to ZDNet.
The Egregor group said neither company had entered talks despite the intrusions, and no ransom had been officially requested.
“If Ubisoft does not contact us, we will publish the source code of the upcoming Watch Dogs and their engine,” the group threatened, promising to publish more data in a press release tomorrow.
The original news was published at de24.news. The editorial team at AlKhaleej Today has confirmed it; it has been modified, and it may have been transferred or quoted in full from that source, where you can read and follow this news.