Ransomware Gang Leaks Data From Ubisoft And Crytek

Published: October 16, 2020 8:57 AM /


A promo image for Watch Dogs: Legion by Ubisoft, one of the companies implicated in the Egregor ransomware leak

Data belonging to major gaming companies Ubisoft and Crytek has been leaked by a ransomware group. The group, which calls itself Egregor, says it got the data from Ubisoft and Crytek's internal networks.

What data has been stolen from Ubisoft and Crytek?

According to ZDNet, the Ubisoft data stolen by Egregor seems to imply that the group has access to source code from a Watch Dogs game. It's impossible to determine which game it is, as the folder purported to show the data only makes reference to the generic Watch Dogs brand name. It does, however, contain several assets seemingly related to character customization, animations, and other art assets. Egregor itself has claimed it has the source code for the upcoming Watch Dogs Legion, but we don't know if this is what's being shown in the folder.

The Ubisoft data leaked by Egregor according to ZDNet
The Ubisoft data leaked by Egregor. Image courtesy of ZDNet.

The Crytek leak was perhaps more severe, as Egregor obtained over 300MB of data from that studio compared to the 20MB it managed to take from Ubisoft. Egregor's stolen Crytek data includes assets and information regarding ongoing Crytek projects like free-to-play MOBA Arena of Fate and FPS Warface, as well as info pertaining to "social gaming network" Gface. In addition to assets, Egregor also managed to get hold of internal production documents and meeting minutes.

Crytek data stolen by Egregor, according to ZDNet
Stolen Crytek data taken by ransomware group Egregor. Image courtesy of ZDNet.
A stolen production plan for Arena of Fate
A production plan for Arena of Fate, stolen by ransomware group Egregor. Image courtesy of ZDNet.
The minutes of a meeting for Arena of Fate
The minutes of a meeting about Arena of Fate, stolen by ransomware group Egregor. Image courtesy of ZDNet.

How did this ransomware group steal the data?

Ransomware groups generally operate thusly: stealing a company's data, encrypting files so they're useless to the original owner, then asking for payment in order to decrypt said files. Egregor says it breached both Ubisoft and Crytek's networks. In the case of Ubisoft, Egregor stole the data, but didn't encrypt the files. Conversely, the Crytek files they took have "been encrypted fully". Egregor also says that neither Ubisoft nor Crytek have "engaged in discussions" with the group about the data, and a ransom hasn't officially been requested. If Ubisoft doesn't contact Egregor, the group is threatening to release source code for Watch Dogs: Legion, which it claims it possesses.

According to ZDNet, neither Ubisoft nor Crytek responded to emails requesting comment on these leaks. Neither company reported security breaches, either, suggesting that the impact of this ransomware attack was limited to behind-the-scenes office data and backend work. We'll have more for you on this data breach as we get it.

What do you think about this ransomware attack? Let us know in the comments below!

Have a tip, or want to point out something we missed? Leave a Comment or e-mail us at tips@techraptor.net

Joe Allen's profile picture
| Senior Writer

Joe has been writing for TechRaptor for five years, and in those five years has learned a lot about the gaming industry and its foibles. He’s originally an… More about Joseph