Insomniac Games Held for Ransom: Hackers Demand Over $2M in Bitcoin
Last updated: December 13, 2023 06:37 EST
. 2 min read
The infamous Rhysida hacker group has attacked Insomniac Games, allegedly asking for 50 BTC in ransom.
Insomniac Games is an American, California-based video game developer and part of PlayStation Studios. The latter is a division of Sony Interactive Entertainment.
Some of Insomniac Games’ products include the Spyro series, Ratchet & Clank, Resistance, Sunset Overdrive, and Marvel’s Spider-Man. It is currently working on Marvel’s Wolverine for the PlayStation 5.
However, the project is now being threatened by the hacker group that may have gotten its hands on some information regarding the upcoming Wolverine game, according to Cyber Daily. A screenshot from the game seems to be a part of the hackers’ proof-of-hack data. The data also includes art related to Marvel characters potentially set to appear in the game.
The proof-of-hack data further includes internal emails, confidential documents, and employee passport scans.
Rhysida is now running a 7-day public auction for the data allegedly in its possession. And the starting price is 50 bitcoin (BTC). Per the current BTC price, this is $2,056,891.
The hackers’ listing states:
“With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”
This group carried out attacks on organizations and companies across several countries.
For example, Rhysida previously claimed responsibility for the September attack on the British Library. It stole personal data and posted it online for sale.
Sony Responds
Sony stated that it’s looking into reports that Insomniac Games has been hacked.
According to VGC, the company said that,
“We are aware of reports that Insomniac Games has been the victim of a cyber security attack. We are currently investigating this situation. We have no reason to believe that any other SIE or Sony divisions have been impacted.”
Sony has dealt with these situations before. Just recently, in September, it launched an investigation following claims of a breach by ransomware group Ransomed.vc. The latter stated that it had compromised the company’s systems and would sell the stolen data.
As for this latest incident, the consequences are yet to be seen. Forbes argued that it’s possible that “in the scramble to clean this up and recover, development on Wolverine and other projects could be delayed.”
Either way, we will likely see more leaks coming from this hack.
A malicious actor may purchase the data, and even if no one buys it, the group itself is likely to share more details. And not just the game info, but affected employees’ personal details, such as addresses.
Meanwhile, this is far from the only game to suffer a similar fate. The most notable recent example is the 2022 leak of Grand Theft Auto 6’s development content.
Arion Kurtaj, the 18-year-old responsible for the leak, was a member of the cyber-crime Lapsus$. Reportedly, Kurtaj’s hack on Rockstar Games, Nvidia, and Uber resulted in $9.3 million in damages.
Kurtaj even tried blackmailing Rockstar Games, threatening to release the source code for the build of GTA 6.
Though found guilty, Kurtaj allegedly said he would return to hacking after his release.