Just launched, the game Watch Dogs: Legion features hackers who are members of an organization called Dedsec whose mission is to prove that they are not responsible for several bombings in London. Developed by Ubisoft Toronto, this third installment of the license Watch Dogs has just been the subject of a major hack. How ironic, isn’t it?
Indeed, more than a month after claiming the hacks of Ubisoft’s development studios (Watch Dogs, Assassin’s Creed) and Crytek (the origin of Crysis or even the first Far cry), the hacker group Egregor has just published the source code as well as the development tools of these two editors.
Several hundred gigabytes of stolen data
At the beginning of November, Egrego therefore published two batches of files representing 558 GB of data. The first batch would contain Crytek development tools. The second would bring together the source code of Watch Dogs: Legion as well as several proprietary software from Ubisoft.
Egregor declared that he held “All data of employees and developers as well as their personal information”. For the moment, this information has not been published.
Ubisoft “clown of the month”
And for good reason, Egregor’s goodwill is based on ransomware (ransomware), a process of stealing confidential data and information and then demanding a ransom so as not to disclose it publicly. This first burst of publications therefore sounds like a warning to Crytek and Ubisoft.
Meanwhile Egregor does not hesitate to advertise on the backs of his victims. As Le Monde explains, the way the hacker group published this data is particularly cynical.
When publishing the data, Egregor took the opportunity to mock the French publisher by awarding him the prize for “Security breach of the month” as well as that of “Clown of the month”. The reason: Ubisoft would have stored “Source codes freely accessible on its main network”, a serious mistake in computer security.
Following this data breach, Ubisoft told the World “Be aware of the group’s claims and are currently investigating a potential data security breach”.