Ransomware attack on indie game maker wiped all player accounts

A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game publisher 'Gellyberry Studios. The title is available on Steam as an 'Early Access' release, meaning it is still in an early development phase and relies on monthly subscriptions and community support to continue its development. As announced on the game's official Discord channel, ransomware actors attacked the main server and encrypted all data, including local backup drives, demanding payment in exchange for a decryption key. The game developers do not trust that paying the attackers guarantees the provision of a decryption key, so they decided to restore all affected systems manually. "Last Friday morning, our server fell victim to a cryptographic ransomware attack, which systematically encrypted all data on the system/local backup drive and left a ransom note to pay in Bitcoin to decrypt the files," reads the announcement. "In cases like this, hackers will often take a payment and never provide the decryption key. As such, we were forced to rebuild the server and create new account and character databases." The incident impacts all 17,000 player accounts and their in-game characters, who have been lost now, but Gellyberry says they will manually restore everything that was lost "To the fullest extent possible for everyone affected." Impacted players will get all their items and progress back, plus a premium "Pet" as a gesture of appreciation for their understanding and support. The game developer also promised to increase the frequency of taking offline account database backups, implement a P2P VPN for all remote access to the development server, and only allow a specific IP address range to access it. This is not the first time a game publisher has been targeted in ransomware attacks, but they usually impact the company rather than the players. A notable case of a ransomware attack on a game publisher is the February 2021 attack on 'Cyberpunk 2077' and 'Witcher 3' developer CD PROJEKT RED, carried out by HelloKitty ransomware. In January 2023, Riot Games, the creator of popular titles like 'League of Legends' and 'Valorant,' faced a ransom demand of $10,000,000 from hackers, who threatened to release stolen source code unless the payment was made. MGM casino's ESXi servers allegedly encrypted in ransomware attack. Toronto Public Library outages caused by Black Basta ransomware attack. Meet LostTrust ransomware - A likely rebrand of the MetaEncryptor gang. Healthcare giant Henry Schein hit twice by BlackCat ransomware. Ardent hospital ERs disrupted in 6 states after ransomware attack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Ransomware attack on indie game maker wiped all player accounts

Ransomware attack on indie game maker wiped all player accounts - A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game. Ethyrial: Echoes of Yore is a free-to-play old-school MMORPG developed by indie game ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
Regenerate and Conquer: Wolverine's Real-Time Damage System to Dominate the Gaming Landscape - Marvel's Wolverine has leaked details which suggest that the game will use advanced features, even those that are not available on current PlayStation 5 hardware, to play the game. In the recent Insomniac data breach, a new rumour has been ...
10 months ago Cysecurity.news
Black Basta ransomware made over $100 million from extortion - Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims ...
11 months ago Bleepingcomputer.com
CVE-2021-42016 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
CVE-2021-42017 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Qilin ransomware claims attack on automotive giant Yanfeng - The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors, one of the world's largest automotive parts suppliers. Yanfeng is a Chinese automotive parts developer and manufacturer focused on interior ...
11 months ago Bleepingcomputer.com
Fragging: The Subscription Model Comes for Gamers - The video game industry is undergoing the same concerning changes we've seen before with film and TV, and it underscores the need for meaningful digital ownership. Twenty years ago you owned DVDs. Ten years ago you probably had a Netflix subscription ...
9 months ago Eff.org
Kasseika ransomware uses antivirus driver to kill other antiviruses - A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver tactics to disable antivirus software before encrypting files. Kasseika abuses the Martini driver, part of ...
9 months ago Bleepingcomputer.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
10 months ago Securityboulevard.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
10 months ago Unit42.paloaltonetworks.com
The Week in Ransomware - With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. Last weekend, BleepingComputer tested a new decryptor for the Black Basta ransomware to show how it ...
10 months ago Bleepingcomputer.com
Game mod on Steam breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
10 months ago Bleepingcomputer.com
Steam game mod breached to push password-stealing malware - Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push Epsilon information stealer malware using the Steam update system. As developer Michael Mayhem told BleepingComputer, the compromised ...
10 months ago Bleepingcomputer.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
1 year ago Hackread.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
8 months ago Bleepingcomputer.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
11 months ago Helpnetsecurity.com
CVE-2021-37209 - A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < ...
1 year ago
CVE-2024-38867 - A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) ...
4 months ago
CVE-2022-45044 - A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) ...
8 months ago
CVE-2021-31895 - A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V4.3.7), RUGGEDCOM ROS M2200 (All versions < V4.3.7), RUGGEDCOM ROS M969 (All versions < V4.3.7), RUGGEDCOM ROS RMC (All versions < V4.3.7), RUGGEDCOM ROS RMC20 ...
3 years ago
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)