iscover
David HollingworthShare this article on:
A ransomware gang claims to have nearly 200 gigabytes of internal data, but Epic Games says there is no evidence of any compromise.
UPDATE 3/3/24: A Mogilevich spokesperson has said that the whole operation was a money-making scam – it's not a ransomware operation at all.
A relative newcomer to the ransomware scene is claiming to have successfully hacked game developer and distributor Epic Games.
The Mogilevich gang made the claim overnight, posting the details of the apparent hack on its darknet leak site.
“We have quietly carried out an attack to [sic] Epic Games’ servers,” a Mogilevich spokesperson said.
The gang claims to have 189 gigabytes of data, including “email, passwords, full name, payment information, source code and many other data”. The data is currently listed as up for sale.
“If you are an employee of the company or someone who would like to buy the data, click on me,” a hyperlink on the site said. The link leads to the group’s contact page, where a Tox messaging address can be found.
Mogilevich has not asked for a specific dollar figure for the data, and the current deadline for Epic Games to pay – or for someone else to purchase the data outright – is 4 March. Nor has it posted any proof-of-hack material, as Rhysida did with last year’s Insomniac Games hack.
For its part, Epic is unaware of any such incident.
"We are investigating but there is currently zero evidence that these claims are legitimate," an Epic Games spokesperson said in a statement. "Mogilievich has not contacted Epic or provided any proof of the veracity of these allegations. When we saw these allegations, which were a screenshot of a darkweb webpage in a Tweet from a third party, we began investigating within minutes and reached out to Mogilevich for proof."
"Mogilevich has not responded. The closest thing we have seen to a response is this Tweet, where they allegedly ask for $15k and “proof of funds” to hand over the purported data."
Since Epic provided us with the above quote, Mogilevich itself has responded somewhat in kind. Cyber Daily reached out to the threat actor, and while it has not responded directly, the gang has added this comment to the leak post for its alleged Epic Games hack.
"For clueless and retarded journalists, I'd like to tell you that we're not asking EpicGames for $15,000 ransom, that's the price that's going to sell," a Mogilevich spokesperson said.
"For those who are even more jerks I would like to say that the evidence is private to minimise scams, people could use the samples to impersonate my group, that's why we show the evidence to people that prove they really have the money to afford it. So, do you think it's fake? Send me a proof of funds of 15k and you'll see."
Epic Games is known for the phenomenally popular online shooter Fortnite, as well as older titles like Unreal Tournament and the Gears of War series. Epic also runs its own online storefront – the Epic Games Store – selling the games of other developers and publishers.
The company has offices all over the world, including in Australia, and owns several other subsidiaries.
Who is Mogilevich?
Mogilevich is a new threat actor in the ransomware space – Epic Games is only its fourth alleged victim, with its first being Nissan subsidiary Infiniti USA on 20 February this year.
The gang is possibly Russian-speaking, and while, so far, it appears to be operating on its own behalf, it is also advertising itself as a ransomware-for-hire operation.
We’re in the process of putting together a profile of the new operation with everything we’ve been able to discover about it so far, so watch this space.
UPDATE: Comment from Epic Games added 29/02/24. Further comment from Mogilevich added 29/02/24.
Be the first to hear the latest developments in the cyber industry.
