For the second time this month, the ransomware Egregor gang appears on the cybersecurity media site’s headlines. This time, they claim to have hacked the source code of Watch Dogs: Legion.
And that’s not all. They have also hacked a popular fantasy title called Albio, a massive multiplayer online role-playing game.
But unfortunately for Crytek company, the group also claims to possess files from other gaming titles like Arena of Fate and Warface.
What’s the truth behind the Egregon Gang cyberattack?
Egregor Gang Targeted Recent Game Titles
As it was mentioned, one of these recently launched game titles is Watch Dogs: Legion. Its release (on October 29) was highly anticipated due to its “next-gen” features like ray tracing and 4K visuals.
And because cybercriminals’ favorite tool is media attention, the Egregor gang didn’t doubt for a second to lift both the code and proprietary files from Ubisoft (game’s publisher).
They’re now offering the stolen databases in underground forums. With those released source codes, fans can now develop game hacks (“mods”) and jailbreaks.
Most of the presented information comes from Egregor’s site portal itself, where game hacks were leaked. The other part comes from emails written by themselves, claiming to have achieved their goals, “without even deploying ransomware.”
But those claims only count for Ubisoft systems. Because Crytek “has been fully encrypted.” According to this email, any of the two have acknowledged or responded to the attack.
If we don’t badly remember and forget about other cases, this one would count as Egregor’s fifth big attack spotted in the last 6 months. We heard about them in early October and late September, so it’s possible we’ll keep hearing about them later on.
And because of how recent these attacks have been, some speculate that the data posted on both their Twitter account and site portal is somewhat, inconclusive: being from an older Watch Dogs version, for example.
That would explain why they have only extracted 20 MB of data from Ubisoft and 300 MB from Crytek.
Let’s not forget about the other attack: Albion online.
Egregor Gang Targeted Albion Online
Albion is a fantasy-themed role-playing game that has amasses a total player base of 2.4 million active users (around 225,000 play every day).
In this case, the data breach was provoked by an outside hack to its forum’s database.
According to information provided by Sandbox interacted (game-owner), intruders got themselves access to user’s credentials: email addresses and passwords.
Thankfully, the payment information wasn’t accessed/leaked but such login data can be used to brute-force accounts in the future. Although that’s not what everyone says.
Threat actor claims he hacked Albion Online, a large MMORPG with over 180,000 daily players.
The actor is claiming he has access to the main game’s database, the payment database, and other databases containing sensitive information. pic.twitter.com/M8Qk3pI2rK
— Alon Gal (Under the Breach) (@UnderTheBreach) October 17, 2020
The team responsible for Albion has officially “closed off access to hackers” and is now “running additional checks to ensure the integrity of our systems.”
They conclude: “Because the safety of your data is a top priority for us, we will also be executing a full security review of all our systems to ensure your information remains absolutely safe.”
A recent analysis from Appgate security firm shows that the code used by the group is similar to the Sekhmet ransomware, which is the name of the Egyptian goddess of healing. It may point out some of their occult reasoning behind their attacks.
While no-one knows entirely why they do it, we all know that this Gang is pushed strongly to one deep purpose. Claims like this are being picked up almost every week by gaming news outlets like Dexerto.
For example, it was in September when Activision denied (but surely suffered) 500,000 hacked accounts, affecting a large group of online Call of Duty (CoD) players. While the attack may seem distant to your business model…
You never know when it may happen to yours. Are you ready for it?
If you aren’t, then our team of cybersecurity experts can guide you to the protection of your online infrastructure.