InfoSec Round-Up: February 12th

Cyberpunk 2077 Attack, North Korean Crypto Theft & SIM Swaps

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Cyberpunk 2077 Cyber Attack

CD Projeckt Red, the Polish game developer, has this week revealed it has fallen victim to a cyber-attack in which company systems were encrypted and confidential data stolen.

The game studio, behind such hits as Cyberpunk 2077 and The Witcher 3, has had source code for several of their games, as well as documents relating to accounting, administration, legal, HR and investor relations stolen by the unknown attackers.

Posting the ransom note to social media, the company publicly stated that they would not yield to demands or negotiate with the criminals, despite threats from the hackers that they would sell or leak the information.

Now reportedly being auctioned online, the information has been listed at a starting bid of $1 million, with a ‘buy it now’ option of $7 million.

In a statement, the company announced, “An unidentified actor gained unauthorised access to our internal network, collected certain data belonging to CD PROJECT capital group… We have already secured our IT infrastructure and begun restoring data.”

Adding, “We are still investigating the incident, however at this time we can confirm that – to the best of our knowledge – the compromised systems did not contain any personal data.”

North Korean Hackers Net $316m

According to a report from a Japanese financial publication, North Korean attacks on cryptocurrency exchanges have netted an estimated $316 million between 2019 and 2020.

Reported as evidence that the rogue nation continues to try and sidestep international sanctions, the data reportedly comes from the United Nations (UN); a document which notes that in September of last year, around $218 million worth of cryptocurrency was stolen from a single exchange.

With stolen crypto profits believed to amount to around an astonishing $2 billion, the stolen currency is thought, according to the UN, to be being used to help finance North Korea’s nuclear program, against international sanctions.

With Pyongyang, North Korea’s political capital, denying any involvement, the country is thought to be behind many significant cyber attacks of recent years, including the 2014 Sony hack and the 2017 WannaCry virus, which cost the UK NHS around £92 million.

SIM Swap Criminals Arrested

As part of a Europol operation, ten hackers have been arrested for a series of alleged sim swapping attacks which targeted high-profile victims in the United States. Attacks which are believed to have netted the criminals around $100 million in profits.

With arrests made in Malta, Belgium and the UK, the victims of the attacks, which occurred throughout 2020, include famous internet influencers, sports stars, musicians and other celebrities.

Following a year long investigation conducted by law enforcement authorities from the UK, US, Belgium, Malta and Canada, the attackers also posted content, sent messages, and masqueraded as their victims.

This form of attack, known as ‘sim swapping ’, involves cybercriminals reallocating a victim’s phone number to a SIM belonging to the criminal gang, allowing them to bypass security protocols and access sensitive accounts or information.

In the announcement, Europol shared measures of how to avoid falling victim to this form of attack, specifically advising users to: “Keep your devices’ software up to date, do not reply to suspicious emails or engage over the phone with callers that request your personal information, limit the amount of personal data you share online, use two-factor authentication, and, when possible, do not associate your phone number with sensitive online accounts.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.