The unfortunate news just keeps piling on for Cyberpunk 2077 developer CD Projekt Red; after reports earlier in the week that the Polish video game company had become the victim of a targeted cyber attack, with the hackers in question leaving a ransom note including several demands and threats to leak source code — it appears the leaks have already begun, with the purloined CDPR source code being auctioned off to the highest bidder.
Source code repository vx-undeground, “the largest collection of malware source code, samples, and papers on the internet,” revealed that the unauthorized operators leaked hacked Cyberpunk 2077, free-to-play digital collectible card game Gwent and The Witcher 3 source code to an online forum populated by other hackers, with the bidding starting at a cool $1 million. According to the same bit of information from vx-underground, the hackers were also willing to part with the source code immediately for $7 million upfront.
Update: a mistake was made. They stated starting bid $1kk. This was assumed as a typo for $1,000. They meant $1,000,000. They are also selling immediately for $7,000,000.
— vx-underground (@vxunderground) February 10, 2021
Allegedly, the source code has found its way to other corners of the internet such as 4Chan and Mega, although the mods there have been diligent in removing anything that would enable the information, authentic or not, to end up in the wrong hands.
As of CDPR’s last response, the company has no plans to comply with any of the hacker’s demands; notwithstanding, the first portion of the hackers’ plan, that is, leaking the hacked Cyberpunk 2077, Gwent and The Witcher 3 source code is apparently already taking place. According to the ransom note, the hackers also “duped all of [CDPR’s] documents relating to accounting, administration, legal, HR, investor relations and more,” and plan to send the information to “[their] contacts in journalism” if they are not contacted by CDPR.
What do you think of the fact that hacked Cyberpunk 2077, Gwent and The Witcher 3 source code is being auctioned off for several million dollars on the internet? How should CDPR handle the situation? Let us know what you think in the comments.