Ubisoft says that it is investigating media claims that the Egregor ransomware gang has published a 558 GB archive of the source code and resources of the video game Watch Dogs: Legion on file-sharing site networks.
The Egregor group claims that it obtained the source code of the newest game in the Watch Dogs series, following a security breach of Ubisoft’s internal servers.
If it really is the source code of Watch Dogs: Legion then it may be that the Egregor gang released it after failing to extort any money from the video game developer.
In an ironic twist, Watch Dogs: Legion features a hacking group called DedSec, fighting against authority in a near-future version of London.
On the “Hall of shame” section of a website purporting to belong to the Egregor gang, damning claims were made last month about Ubisoft’s poor security practices:
This developer if nominated not just for Hole of the Month. But also for the Clown of the Month Award.
We found source codes in free access in the main network. Passwords in the doc files without any protection, all the employees and developers data and personal information, contract, game engines and a lot of more.
Guys, if the goal of the last mission in your game about hackers was the hack of your company, we’ve done it. There’s our prize?
The game WATCH DOGS: LEGION was completely downloaded from your company servers.
There’s a possibility that soon we will make a present to all fans. We will compile and upload the game to public access.
The games of such level should be distributed freely. Nobody should take money for this.
Hopefully it should go without saying that anyone considering downloading stolen video game source code from file-sharing sites should be extremely cautious.
After all, there’s nothing to stop whoever has chosen to distribute the code from hiding something malicious within in it… perhaps even using the opportunity to install ransomware on the PCs of unsuspecting video game fans.
The Egregor ransomware gang is making something of a name for itself targeting video game companies lately, having previously attacked Crytek and most recently, in the last few days, Resident Evil video game maker Capcom.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.