Epic Games ransomware attack is likely fake – 'zero evidence' so far

913     0
Fortnite developer Epic Games is investigating whether claims of a ransomware attack that stole 200GB of data are real or not (Image: Epic Games)
Fortnite developer Epic Games is investigating whether claims of a ransomware attack that stole 200GB of data are real or not (Image: Epic Games)

Fortnite developer, Epic Games, is looking into claims that it's been hacked by a group which alleges it's stolen 189GB of data that includes sensitive info from source code to user passwords and payment details.

Epic Games may have its hands full with the upcoming season of Fortnite kicking off next week – and a potential live event to boot – but a ransomware group has thrown a spanner in the works with claims of an attack purporting to have stolen almost 200GB of data. The group, dubbed Mogilevich, says it "quietlly carried out an attack" to Epic Games' servers, and that the stolen data includes emails, passwords, full name and payment information of users, source code, and more.

The Epic Games ransomware attack was shared by the Dark Web Informer Twitter account, and BleepingComputer's Lawrence Abrams followed up after speaking with Mogilevich, saying "they are selling the data for 15K and will not provide proof of the breach unless you are looking to purchase it and show 'proof of funds.' Doesn't feel real."

While the group has very helpfully provided a link for interested parties to click on if they want to buy the data – shouting out 'employees of the company' – it doesn't actually appear to have done much in terms of securing its ransom; that's according to Epic at least. The publisher said to Mirror Gaming in a statement:

"We are investigating but there is currently zero evidence that these claims are legitimate. Mogilevich has not contacted Epic or provided any proof of the veracity of these allegations. When we saw these allegations, which were a screenshot of a darkweb webpage in a Tweet from a third party, we began investigating within minutes and reached out to Mogilevich for proof. Mogilevich has not responded. The closest thing we have seen to a response is this Tweet, where they allegedly ask for $15k and 'proof of funds' to hand over the purported data."

Why Star Wars Jedi: Survivor's six week delay is a good thing eiqrtiqxqiquuinvWhy Star Wars Jedi: Survivor's six week delay is a good thing

The tweet referenced in the statement is Abrams' which recounts his conversation with the group. The deadline for the purchase is cited as Monday, March 4 so if it is real, Epic has to act fast to deal with the threat appropriately.

Who is Mogilevich?

Cyber Daily reported on Mogilevich last week, saying the fledgling ransomware group is new on the scene, with its first attack falling on Tuesday, February 20. Luxury car manufacturer, Infiniti USA (a division of Nissan) was the victim in this instance, and after the initial announcement that it stole 22GB of data, the group said it had sold it just a few days later.

Since then, it's gone on to attack (or at least claiming to have attacked) three more companies, with Epic Games being the most recent. According to Cyber Daily, Mogilevich has a darnet leak site and a possibly defunct Telegram channel, and in its first post on February 18 stated:

"We are Mogilevich, a group dedicated to data extortion. Our agenda is to severely punish companies and corporations that fail to keep their infrastructure under control and security. Our operators are skilled pen-testers and in contrast to other groups like ours in which they lie about their purpose, we agree from the beginning that we are doing it for economic interest"

In relation to the reportedly stolen Infiniti USA data, a post on the Mogilevich Telegram channel said that the data had been sold and that "it would have been better to have paid the ransom. We have no time to waste, new corporations will be added to our blog soon."

Shabana Arif

Epic Games, Nintendo, PlayStation, Xbox, PC Gaming, Fortnite

Read more similar news:

08.02.2023, 14:39 • More
Overwatch 2 season 3 patch notes reveal new maps and full tank hero overhaul
10.02.2023, 13:25 • More
Call of Duty 2023 set to be full game after Modern Warfare premium DLC scrapped
13.02.2023, 12:47 • More
EA Sports FC and Premier League reportedly strike £488m deal
14.02.2023, 06:00 • More
Dead Island 2's release date has changed again, but for once it's good news
15.02.2023, 18:01 • More
Warzone 2 Season 2 patch notes in full – everything you need to know
21.02.2023, 15:37 • World
Over a third of Brits don't know when World War II took place or what started it
23.02.2023, 15:45 • More
Prime Gaming March 2023: you'll never guess what you play as in I Am Fish
23.02.2023, 22:29 • More
Suicide Squad: Kill the Justice League shown off at state of play
24.02.2023, 16:13 • More
Call of Duty 2023 to be built from scrapped DLC and recycled content
28.02.2023, 16:05 • More
Surprise Elden Ring DLC announced but the release date is still a way off yet