Following Ubisoft cyber attack, hackers claim to leak Watch Dogs: Legion code online

Has game about hackers been hacked?

Graham Cluley
@gcluley

Ubisoft says that it is investigating media claims that the Egregor ransomware gang has published a 558 GB archive of the source code and resources of the video game Watch Dogs: Legion on file-sharing site networks.

The Egregor group claims that it obtained the source code of the newest game in the Watch Dogs series, following a security breach of Ubisoft’s internal servers.

If it really is the source code of Watch Dogs: Legion then it may be that the Egregor gang released it after failing to extort any money from the video game developer.

In an ironic twist, Watch Dogs: Legion features a hacking group called DedSec, fighting against authority in a near-future version of London.

Sign up to our newsletter
Security news, advice, and tips.

On the “Hall of shame” section of a website purporting to belong to the Egregor gang, damning claims were made last month about Ubisoft’s poor security practices:

This developer if nominated not just for Hole of the Month. But also for the Clown of the Month Award.

We found source codes in free access in the main network. Passwords in the doc files without any protection, all the employees and developers data and personal information, contract, game engines and a lot of more.

Guys, if the goal of the last mission in your game about hackers was the hack of your company, we’ve done it. There’s our prize?

The game WATCH DOGS: LEGION was completely downloaded from your company servers.

There’s a possibility that soon we will make a present to all fans. We will compile and upload the game to public access.

The games of such level should be distributed freely. Nobody should take money for this.

Hopefully it should go without saying that anyone considering downloading stolen video game source code from file-sharing sites should be extremely cautious.

After all, there’s nothing to stop whoever has chosen to distribute the code from hiding something malicious within in it… perhaps even using the opportunity to install ransomware on the PCs of unsuspecting video game fans.

The Egregor ransomware gang is making something of a name for itself targeting video game companies lately, having previously attacked Crytek and most recently, in the last few days, Resident Evil video game maker Capcom.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.