A ransomware gang that just emerged this month called ‘Egregor’ claims to have hacked the source code to the upcoming gaming release, Watch Dogs: Legion.
In both cases, cyber-criminals claim to have reams of information for the popular gaming titles.
In separate news, a popular fantasy title called Albion a massive multiplayer online role-playing game (MMORPG) has been hacked. Cyber-criminals are offering what they claim are game databases in underground forums.
Source Code Leaked
Watch Dogs: Legion is due to be released a week from now, on Oct. 29 – a highly anticipated release thanks to its 4K visuals, “ray tracing” capabilities & a planned Assassin’s Creed crossover.
The Egregor gang claims to have lifted both the code & some proprietary files from the game’s publisher, Ubisoft. Release of the source code would allow fans to develop game hacks & perform all kinds of “modding” (i.e., development of custom features) & jailbreaks.
The group also suggested that it has files Crytek relating to gaming titles such as Arena of Fate & Warface.
Leal Site
According to Egregor’s leak site portal by ZDNet, partial leaks for the hacks appear to have been posted. The operators emailed the outlet as well, noting that they only hacked Ubisoft & did not deploy its ransomware. Crytek, meanwhile, “has been encrypted fully.” In both cases, the companies have not responded to the incidents, according to the email.
“In case Ubisoft will not contact us we will begin posting the source code of upcoming Watch Dogs and their engine,” the hackers told ZDNet.
The data posted is somewhat inconclusive – the code in the portal could be from an older Watch Dogs version, for instance. In all, the data totals 20 MB from Ubisoft, & 300 MB from Crytek.
Siphoning Off
Egregor was first spotted in the wild in early Oct. & late Sept., using a tactic of siphoning off corporate information & threatening a “mass-media” release of it before encrypting all files.
Egregor is an occult term meant to signify the collective energy or force of a group of individuals, especially when the individuals are united toward a common purpose — appropriate for a ransomware gang. According to a recent analysis from Appgate, the code seems to be a spin-off of the Sekhmet ransomware (itself named for the Egyptian goddess of healing).
Neither company has acknowledged an attack.
‘Call of Duty’
There is some precedent for hacking claims like these to be false. In Sept., reports surfaced that 500,000 Activision accounts may have been hacked, impacting online Call of Duty (CoD) players.
The alleged breach was 1st flagged by the #oRemyy account on Twitter, & was quickly amplified by others, who claimed that accounts were being taken over & credentials changed, so that the legitimate users could not recover them. The claims were picked up by gaming news outlet Dexterto.com & others.
The gaming giant categorically disputed the claim as a widespread hoax.
Data Breach for Albion
Meanwhile, the Albion has disclosed a data breach resulting from an outside hack of its forum’s user database.
Albion is a fantasy-themed sandbox game in which players can go to battle, farm, forge alliances, defend territory, take on dragons & other monsters, & even invest in real estate. According to 1 tracker site, around 225,000 people play per day globally, & it has a total player base of 2.4m active users.
Observes game-owner Sandbox Interactive, the intruder was able to access forum-user profiles, including email addresses, encrypted (hashed & salted) passwords. No payment information was accessed, but the email addresses could be used in brute-force attacks on accounts.
Password
“If you have a forum account, you should, as a precaution, change the password to your Albion Online account,” the company noted. “Should you have also used the same password on other webpages or services, we strongly encourage you to change it there as well, & use unique passwords going forward.”
However, a hacker taking responsibility for the incident claims to have accessed much more than just emails & encrypted passwords. On an underground forum, someone is offering what they claim to be databases for payments, the main game & the forum, & source code for the Albion website & the forum.
https://www.cybernewsgroup.co.uk/virtual-conference-november-2020/
