The alleged hackers behind the ransomware attack on CD Projekt Red’s enterprise servers have reportedly closed the auction for the Cyberpunk 2077, GWENT and The Witcher 3 source code.
Dark web monitors KELA, who were tracking the CD Projekt Red auction, posted early Friday morning Australian time that an offer was received for the stolen source code. The offer was supposedly posted external to the auction forum, so there’s no clarity on how much money may have been offered.
However, the hackers noted that the offer came with the condition that the code not be distributed any further.
Update: we have confirmed the auction has closed. Someone has indeed purchased the material.
— vx-underground (@vxunderground) February 11, 2021
Just in: #CDProjektRed AUCTION IS CLOSED. #Hackers auctioned off stolen source code for the #RedEngine and #CDPR game releases, and have just announced that a satisfying offer from outside the forum was received, with the condition of no further distribution or selling. pic.twitter.com/4Z2zoZlkV6
— KELA (@Intel_by_KELA) February 11, 2021
KELA previously told The Verge that they believed the auction was legitimate, due to the seller’s decision to offer a guarantor and restricting bidders to those who had submitted a deposit. Screenshots showing some file lists from the stolen data also leaked online Wednesday Australian time, which certainly appear to be files related to CD Projekt’s Red Engine.
The starting price for the auction was supposedly $US1 million, with the hackers reportedly setting an automatic sale price at $US7 million. According to KELA, the auction also included files for Thronebreaker, the single-player spin-off of GWENT, The Witcher 3, Cyberpunk 2077, and other CD Projekt internal documents and data, although nobody has publicly verified the full contents of those at the time of writing.