HelloKitty ransomware behind CD Projekt Red attack

More information has emerged about the ransomware attack that affected the creators of Cyberpunk 2077. Polish video game developer CD Projekt Red has revealed the ransom note it received, which has all the hallmarks of being distributed by the ransomware group known as "HelloKitty". Earlier this week, CD Projekt revealed that an unidentified actor had gained access to its internal network and encrypted several of its files. The company did, however, reassure players that its backups were not affected and that it is already restoring the affected data. The ransom note contained all the usual rhetoric, informing CD Projekt that it had been "EPICALLY duped" and threatening to post the source code online. However, CD Projekt quickly responded by confirming that it would not give in to the ransom demands and that it had informed the relevant police authorities of the incident.

Note the similarities

Based on the ransom note, Fabian Wosar, CTO of anti-malware firm Emsisoft, believes that the ransomware was likely deployed by the HelloKitty group. Not much information is available about the group, but it is believed to have already targeted other large organizations, including Brazilian energy company CEMIG in December last year. HelloKitty malware disables various processes and services before encrypting the files on the victim's device. The ransom note that accompanies this attack is usually titled "read_me_unlock.txt", the same file name used by the note in the CD Projekt attack.

Ransomware attacks have become an increasingly popular method of extorting money, with attackers stealing sensitive information that relates to core business processes or that could harm a particular company. Sometimes, when ransomware strains are poorly designed, files can be restored without paying a ransom. However, the first indications are that there is no way to decrypt files affected by HelloKitty malware for free.
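The behaviour reported above, services and processes being stopped shortly before a note named read_me_unlock.txt appears, can be turned into a simple host-level detection rule. The sketch below is an added example, not code from Emsisoft or CD Projekt; the event format, host names, time window and threshold are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

NOTE_NAME = "read_me_unlock.txt"      # ransom note name given in the article
WINDOW = timedelta(minutes=10)        # assumption: look-back window for stops
MIN_STOPS = 3                         # assumption: stops that count as a burst
STOP_EVENTS = {"service_stop", "process_kill"}

# Constructed sample telemetry, hypothetical format: time|host|event|detail
SAMPLE_EVENTS = r"""
2021-02-09T02:00:00|srv-02|service_stop|wuauserv
2021-02-09T02:05:00|srv-02|file_create|C:\Temp\readme.txt
2021-02-09T03:10:01|ws-17|service_stop|MSSQLSERVER
2021-02-09T03:10:04|ws-17|service_stop|VSS
2021-02-09T03:10:09|ws-17|process_kill|outlook.exe
2021-02-09T03:11:02|ws-17|file_create|C:\Users\dev\Documents\read_me_unlock.txt
2021-02-09T03:11:03|ws-17|file_create|D:\Builds\READ_ME_UNLOCK.TXT
2021-02-09T09:30:00|ws-33|file_create|C:\Samples\read_me_unlock.txt
malformed line without separators
"""

def parse(text):
    """Yield (time, host, event, detail) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.strip().split("|", 3)
        if len(parts) != 4:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]
        except ValueError:
            continue

def is_note(path):
    """Match the note by base name, case-insensitively, for \\ or / paths."""
    return re.split(r"[\\/]", path)[-1].lower() == NOTE_NAME

def detect(text):
    """Return {host: alert}; 'high' when a burst of stops preceded the note."""
    stops, alerts = defaultdict(list), {}
    for when, host, event, detail in sorted(parse(text)):
        if event in STOP_EVENTS:
            stops[host].append(when)
        elif event == "file_create" and is_note(detail):
            burst = [t for t in stops[host] if when - t <= WINDOW]
            alert = alerts.setdefault(
                host, {"first_note": when, "notes": 0, "severity": "low"})
            alert["notes"] += 1
            if len(burst) >= MIN_STOPS:
                alert["severity"] = "high"
    return alerts
```

On the constructed events, ws-17 is flagged as high severity with two notes, ws-33 as low because the note appears without a preceding burst of stops, and srv-02 is not flagged.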