Crytek Confirms Egregor Ransomware Attack, Game Data Theft

Crytek Confirms Egregor Ransomware Attack, Game Data Theft

In October 2020, the Egregor gang breached Crytek’s network and stole sensitive information from customers. The data was later published on the group’s dark web site.

Many months after the incident, the company revealed that it had suffered a cyberattack that compromised the personal information of some of its customers and game files. The acknowledgment was first reported to BleepingComputer.

“We want to inform you that Crytek was the victim of a ransomware attack by some unknown cyber-criminals,” Crytek said in a letter mailed to impacted customers. “During that attack certain data had been encrypted and stolen from our network. We took immediate action to prevent the encryption of our systems, further secure our environment, and initiate an internal and external investigation into the incident.”

Crytek confirmed that Egregor operators leaked documents stolen from their site, which included files related to the canceled Arena of Fate game, documents with information on its the company’s network operations, and files related to WarFace game.

“Based on our investigation, the information in some cases included individuals’ first and last name, job title, company name, email, business address, phone number and country,” Crytek revealed.

Crytek reassured affected customers by saying “the website itself was difficult to identify so that in our estimation, only very few people will have taken note of it.”

The company also noted that downloading the data would’ve taken too long, which would’ve prevented hackers from trying to download it. According to the company, the individuals who tried to download the files were dissuaded by the possibility of exposing their systems to potentially harmful software.

The truth is, threat actors, know the dangers linked to this kind of data and would download and open it in a virtual machine.

Despite Crytek’s attempts to downplay the seriousness of the data breach, many threat actors will likely download the leaked files and share them with other cybercriminals.

“While we are not aware of misuse of any information potentially impacted, we are providing this notice as part of our precautions,” Crytek added.

Egregor is a well-known cybercriminal group that has attacked various companies and organizations in the past. Some of these include Barnes and Noble, Kmart, Wal-Mart, and Sears.


About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.