Photo courtesy of CD Projekt Red’s website.

Held for Ransom: CD Projekt Red

by Avery Stengele, Editor

Arts and Entertainment

This past February, popular video game developer CD Projekt Red (CDPR) became the victim of a detrimental cyber attack. The alleged hacker group, known as HelloKitty, stole the source codes of Cyberpunk 2077, Gwent, and The Witcher 3.


But how did this happen? And what is a source code?


A source code is the key component of a computer program. Source codes are used for nearly everything, from commands and customizations to the very structure of a game itself. If an outside party, say a hacker group, stole the source code of a game, they would possess not only information on how to destroy the game but also the personal information of employees working on said game. Source codes also contain future project material and the personal data of players.


So, when HelloKitty announced that they had stolen and sold the source codes during a dark web auction, gamers and employees alike were understandably concerned. CDPR immediately informed all employees to change any and all personal data and passwords, including credit cards, and to watch for identity theft. As icing on the cake, HelloKitty locked most employees out of their work accounts, delaying the major 1.2 patch update for Cyberpunk 2077.


Before the whole auction fiasco, HelloKitty had held the source codes up for ransom. It is unclear how much money or other data they wanted from CDPR, but the company refused to accept any demands. Below is the official image of HelloKitty’s message from CDPR’s Twitter. Less crude versions of the blacked-out words are “toilet” and “poorly.”

Photo courtesy of BleepingComputer.

Contrary to the language of HelloKitty's ransom note, the hacker group is not composed of middle schoolers with a love for exclamation marks. HelloKitty runs their own ransomware against unsuspecting companies, creating a customized message such as the one above once they have successfully duplicated all information and killed any firewalls. Each notepad contains a URL leading to a dark web chat room, where victims negotiate and talk with the ransom group. However, little is known about the individuals running the group.


The auction reportedly started on EXPLOIT at one million dollars, with a 500 thousand bidding increment and a seven million final price. HelloKitty stated that they did find and sell to a buyer. But security experts and a team of investigators explain that HelloKitty was most likely unsuccessful in selling the source codes and was attempting to save face. Besides the untrustworthy statement made by HelloKitty, there is no viable evidence that a bidder actually purchased the codes. No information regarding CDPR and their customers has been made public by HelloKitty.

DISCLAIMER: The opinions, beliefs, and viewpoints expressed by the various authors in this paper do not necessarily reflect the opinions, beliefs, and viewpoints of Kamiak High School or The Gauntlet.

Sources

Abrams, Lawrence. “HelloKitty Ransomware behind CD Projekt Red Cyberattack, Data Theft.” BLEEPING COMPUTER, 9 Feb. 2021, www.bleepingcomputer.com/news/security/hellokitty-ransomware-behind-cd-projekt-red-cyberattack-data-theft.

Orland, Kyle. “CD Projekt Red Source Code Reportedly Sells for Millions in Dark Web Auction [Updated].” ARS TECHNICA, 12 Feb. 2021, arstechnica.com/gaming/2021/02/cd-projekt-red-source-code-reportedly-sells-for-millions-in-dark-web-auction.

Strickland, Derek. “Cyberpunk 2077 Source Code Hack Halts Update Development for Weeks.” TweakTown, 25 Feb. 2021, www.tweaktown.com/news/78009/cyberpunk-2077-source-code-hack-halts-update-development-for-weeks/index.html.

Wallask, Scott. “Source Code.” TechTarget, 2021, searchapparchitecture.techtarget.com/definition/source-code.