CD Projekt Red hackers have reportedly stopped auctioning source codes acquired from a ransomware attack on the video game company’s networks after receiving an offer that “satisfied” them. The transaction was believed to have included source codes of the Red Engine and other AAA titles.
CD Projekt Red hackers find buyers for stolen source codes
The developer of “Cyberpunk 2077” confirmed last Tuesday that its networks had fallen victim to a ransomware attack the day before. A statement was released along with a Notepad message from the hackers telling CD Projekt Red to contact them so they could come to an agreement and prevent the leak of crucial source codes.
After CD Projekt Red announced it was not planning on negotiating with the hackers, various sources confirmed that some of the stolen source codes were leaked online. The more crucial files were reportedly auctioned off on the dark web.
vx-underground reported on early Tuesday that the source code for the free-to-play card game “Gwent” was leaked online. The same page reported a few hours later that the source codes for “Cyberpunk 2077,” “The Witcher 3,” “Thronebreaker: The Witcher Tales,” and the unreleased RTX version of “The Witcher 3” with ray tracing support.
Update: a mistake was made. They stated starting bid $1kk. This was assumed as a typo for $1,000. They meant $1,000,000. They are also selling immediately for $7,000,000.
— vx-underground (@vxunderground) February 10, 2021
Attached images supplied by @DrFurfagMD pic.twitter.com/JnOcwnGqZk
The same source noted that the auction took place in a dark web forums platform called Exploit with a high-stakes requirement to participate in the bidding. The auction started at $1 million, and $500,000 is the minimum required bid. The hackers also offered a flash purchase option for $7 million. Darknet intel page KELA also reported that participants were required to pay 0.1 BTC (around $4,600) to enter the auction.
Just in: #CDProjektRed AUCTION IS CLOSED. #Hackers auctioned off stolen source code for the #RedEngine and #CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling. pic.twitter.com/4Z2zoZlkV6
— KELA (@Intel_by_KELA) February 11, 2021
On early Thursday, KELA reported that the auction had been closed by the CD Projekt Red hackers after receiving a satisfying offer, although the amount was not disclosed. The seller also said the deal was made, “With the conditions of further non-distribution, in this regard, they were forced to withdraw the lot from sale.”
CD Projekt Red says players’ data weren’t compromised
CD Projekt Red has yet to address reports that source codes of its AAA games and game engine. But in the same statement released earlier this week, the company assured fans that their personal data were not included in the files compromised in the ransomware attack.
Reports about the auction have also not mentioned other company files that were first reported as included in the cyber attack. In the ransom note, the hackers said that they would also dump files about CD Projekt Red’s “accounting, administration, legal, HR, investor relations and more.”