Earlier this week we reported on a breach of CD Projekt Red’s systems that resulted in a number of stolen pieces of data, including source code for Cyberpunk 2077, The Witcher 3, Gwent, and Thronebreaker, with the intent of ransoming off the ill-gotten gains. CDPR refused, and now the hackers have gotten their payday by way of a dark web auction that happened this past Wednesday.
Reports of this auction were shared by darknet intelligence company KELA Research and malware archive vx-underground, detailing the unfolding of events via Twitter threads. vx-underground first shared that an auction for game source data as well as internal documents was being held on the EXPLOIT forums with a starting bid of $1 million and a buyout price of $7 million. The next day, KELA confirmed that the auction was closed after the seller received “a satisfying offer from outside the forum.” No details of how much was paid have been shared, and the hacker stated that no further distribution or selling will be taking place as per the terms of the sale.
This, of course, will likely not stop CDPR from following through with bringing the perpetrators to justice, but it does confirm that whoever performed the hack got their money either way.
Just in: #CDProjektRed AUCTION IS CLOSED. #Hackers auctioned off stolen source code for the #RedEngine and #CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling. pic.twitter.com/4Z2zoZlkV6
— KELA (@Intel_by_KELA) February 11, 2021