16 October 2020

Egregor ransomware gang leaks Ubisoft, Crytek data


Egregor ransomware gang leaks Ubisoft, Crytek data

The Egregor ransomware operators have published archives containing data allegedly obtained from internal networks of the major gaming companies, Ubisoft and Crytek, in two unrelated attacks. Data supposedly stolen from the two companies was posted on the group’s leak site, with threats from the Egregor gang to leak more files in the coming days.

At a present, it is unknown how the ransomware gang has managed to steal the data. While there is no sufficient evidence the Ubisoft hack is legitimate, sources told BleepingComputer that Crytek was indeed hit by the Egregor ransomware that encrypted the company’s files adding the '.CRYTEK' extension to them.

Additionally, the Egregor gang claims they have stolen unencrypted files from Crytec and posted a 380MB archive on their dark web portal. The data contains files related to WarFace, Crytek's canceled Arena of Fate MOBA game, and their network operations.

The Egregor ransomware operators also claim they have compromised Ubisoft's network and obtained unencrypted data, including the source code for the upcoming Watch Dogs: Legion game. On the leak site the gang has shared a 20MB archive with game assets that are allegedly part of Ubisoft's Watch Dogs game.

Neither Ubisoft nor Crytek did not provide any statements regarding the incident.

Back to the list

Latest Posts

French healthcare software company Apodis Pharma leaked over 1.7 TB of confidential data

French healthcare software company Apodis Pharma leaked over 1.7 TB of confidential data

The exposed database contained confidential business-related data, including pharmaceutical sales data and full names of Apodis Pharma partners and employees.
2 December 2020
DarkIRC botnet is actively targeting vulnerable Oracle WebLogic servers

DarkIRC botnet is actively targeting vulnerable Oracle WebLogic servers

The researchers found more than 3,000 internet-exposed Oracle WebLogic servers potentially vulnerable to attacks exploiting CVE-2020-14882.
2 December 2020
Malicious npm packages caught distributing Bladabindi RAT

Malicious npm packages caught distributing Bladabindi RAT

The two packages named jdb.js and db-json.js were created by the same author and were posing as the legitimate jdb and db-json libraries.
2 December 2020