The group, which claims to be behind a recent CD Project Red hack, is reportedly auctioning off stolen source code for Cyberpunk 2077 and The Witcher 3.
According to Tom’s hardware (via vx-underground), the files – which are said to contain an unreleased version of Witcher 3, possibly for PS5 and Xbox Series X / S – are sold on EXPLOIT forums with a starting bid of $ 1000.
The ransomware attack was allegedly committed by a group known as HelloKitty. It has also reportedly posted the source code for the CD Projekt Reds Gwent card game online, with the leak spread to several forums.
CD Projekt Red revealed on Monday that it had been the victim of a targeted cyber attack. In a statement, the developer said that some of its internal systems had been compromised and “certain data”
In an apparent ransom note published next to the statement, the culprits claimed that they had stolen the source code for the mentioned games, as well as documents related to the company’s accounts, legal, HR and more.
If CD Project Red did not “agree” with them within 48 hours, the culprits said they would sell or leak the content.
CD Projekt Red said it would not give in to the demands or negotiate with the people behind the attack, noting that this could eventually lead to the release of compromised data.
“We are taking the necessary steps to reduce the consequences of such a release, in particular by approaching parties who may be affected by the breach,” it said.
“We are still investigating the incident, but at this time we can confirm that – as far as we know – the compromised systems did not contain any personal data about our players or users of our services.”
CD Projekt Red said it had already approached relevant authorities, including law enforcement and forensic scientists.
On Tuesday, the company also issued a statement addressed to its former employees.
“At this time, we have no evidence that any of your personal data became available,” it said. “We still recommend caution (ie enable fraud alerts). If you have any questions, please write to our privacy team[at]http://cdprojektred.com. ”