The ransomware gang Egregor has begun to leak data it claims to have obtained from the internal network of two of the world’s largest gaming companies — Ubisoft and Crytek. Data allegedly taken from each company was published on the ransomware gang’s dark web portal in October of 2020.
How exactly the Egregor gang obtained the data remains unclear. Still, it is common practice for ransomware gangs like Egregor to breach companies, steal their data, encrypt files, and ask for a ransom to decrypt locked data.
Sometimes, if negotiations break down, ransomware gangs will post a partial leak of the stolen files on so-called leak sites. Leaks for both the Crytek and Ubisoft data were posted on the Egregor portal simultaneously, along with threats from the ransomware crew to leak additional files unless they receive payment.
Reports say that security researchers have tried to notify Ubisoft about several of their employees getting phished for the past year. This may be how the hackers gained access to the information. But while hackers leaked only 20 MB from Ubisoft, they leaked a whopping 300 MB from Crytek. The Crytek files included documents from the company’s game development division. These docs contained sensitive information about the development process of popular games like Arena of Fate and Warface.
In an email interview with ZDNet, the Egregor gang provided some additional details about the two incidents. The hackers said they breached the Ubisoft network, but only stole the data and did not encrypt any company’s files.
Conversely, “Crytek has been encrypted fully,” the Egregor crew told ZDNet.
The Egregor group has stated that neither company engaged in discussions, despite the attacks, and the hackers officially requested no ransom as of yet.
“In case Ubisoft will not contact us, we will begin posting the source code of upcoming Watch Dogs and their engine,” the group threatened, promising to publish more data in subsequent press releases.
If you are still having trouble, consider contacting remote technical support options.