According to new reports, passwords to CD Projekt source code archives for The Witcher 3 and several other games, which were breached in 2021, have now been leaked.
The HelloKitty Ransomware group has rebranded itself HelloGookie with a new site and has disclosed passwords for previously compromised CD Projekt source code, Cisco network data, and decryption keys from past breaches as first pointed out by @3xp0rtblog. Additionally, they have also regained access to their deleted account on the Exploit forum.
The leaked CD Projekt data in question comprises 450 GB uncompressed files containing source code for Witcher 3, Gwent, Cyberpunk, various console SDKs (PS4/PS5, XBOX, NINTENDO), and some build logs.
While HelloKitty, now known as HelloGookie, has not reported any new victims or recent attacks, as part of their rebranding, they have released four private decryption keys to unlock files from previous attacks and internal data obtained from Cisco in a 2022 breach, as well as passwords for leaked source code for Gwent, Witcher 3, and Red Engine stolen from CD Projekt in 2021.
Furthermore, the data leak site includes four secret decryption keys for an earlier HelloKity ransomware version, which would enable certain victims to get their files back for absolutely nothing. Additionally, a list of NTLM (NT LAN Manager) hashes, or encrypted account passwords, purportedly recovered following a security breach, is also included in the Cisco section on the data leak website.
While this leak may offer insights into CD Projekt’s game development process, as the source code exposes their techniques, it may not be particularly noteworthy for most PC gamers, especially considering that CD Projekt plans to release the REDkit Modding Tools for The Witcher 3 in 2024 on PC. With these tools, users will have the capability to create a wide range of content for The Witcher 3.
For those who do not know, HelloKitty is a ransomware operation that was first discovered in November 2020 and is well-known for its ability to encrypt items, steal data, and attack company networks. In February 2021, they did their first well-publicized breach against CD Projekt Red, the company behind the games Cyberpunk 2077, Witcher 3, and Gwent, which even the company accepted.
For constant updates, keep following Gamevro.
