Newsroom News Breaking Comics Tags RSS
News video games 11 February 2021, 18:41

author: Tom Borys

Stolen Source Code of Cyberpunk 2077 and The Witcher 3 Sold

The auction where we could buy the data stolen from CD Projekt in a recent ransmoware attack, including the source code of Cyberpunk 2077 and The Witcher 3, among other things, has probably concluded with a deal.

The echoes of the ransomware attack on CD Projekt, during which unidentified perpetrators stole a huge amount of secret information belonging to the studio, continue. As we reported yesterday, the files obtained from CD Projekt were put up for auction on the darknet, the underground network offering convenient conditions for illegal transactions. Among the data on offer was the source code of Cyberpunk 2077, several different versions of The Witcher 3 and Gwent: The Witcher Card Game. Now KELA, an organization that monitors darknet traffic, says that the auction has already been closed:

Speaking for IGN, KELA analyst Viktoria Kivilevich explained that it looks like all the stolen data was sold in one fell swoop. It is currently impossible to say who made the purchase or what their intentions are. It is also hard to say anything about the final amount of money that changed owners in the transaction. The auction started with an asking price of one million dollars per pack of files, with the possibility of raising by half a million. However, if someone wanted to become the owner of all stolen data (which most likely happened), he had to reckon with the expense of 7 million dollars.

Stolen Source Code of Cyberpunk 2077 and The Witcher 3 Sold - picture #1
The source code of Cyberpunk 2077 can reveal many secrets.

There are reports that the "HelloKitty" group may be responsible for hacking into CD Projekt's internal network. This hypothesis finds supporters among others among experts in cybersecurity:

The success of the auction of CD Projekt's data does not necessarily mean that the role of hackers will end. A former studio employee claims that the data obtained by the criminals included sensitive information, e.g. enabling someone to take out loans on the names of persons employed by the company. CD Projekt officially denies these reports.