Breach Response Hotline, Call 833.997.7327

Contact Us

Breach Response Hotline, Click to Call

Contact Us

HelloKitty Ransomware

HelloKitty Ransomware Auctioning Source Code for Cyberpunk and Witcher

Caleb Boma | February 10th, 2021

 

According to BleepingComputer.com, Threat actors are auctioning the alleged source code for CD Projekt Red games, including Witcher 3, Thronebreaker, and Cyberpunk 2077, that they state were allegedly stolen in a HelloKitty ransomware attack.

HelloKitty Ransomware Selling Source Codes

As part of the double-extortion attempt, the attackers threatened to release or sell the stolen data if CDPR did not pay the ransom. This attack was later confirmed to be conducted by the HelloKitty ransomware group. When disclosing the attack, CD Projekt stated that they would not give in to the ransom demands and are restoring from backups instead.

When HelloKitty is launched, it repeatedly runs an executable with the file name taskkill.exe to terminate processes within various security software and servers. SpearTip’s ShadowSpear® Platform stops these attacks by blocking the executable from running before your network is infiltrated.

SpearTip’s cyber experts continuously monitor environments 24/7 in our US-based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have direct communication with our engineers at any moment and a completely transparent view of your risk profile.

If you are experiencing a breach, please call our Security Operations Center at 833.997.7327.

Categories

Connect With Us

Facebook Twitter Youtube Linkedin

Featured Articles

Phishing Campaign Assessments
Phishing Campaign Assessments Can Be Effective For Companies
20 May 2024
Incident Response Planning
Incident Response Planning: Why It's Important
17 May 2024
Ransomware Experiments
Ransomware Experiments on Developing Countries
15 May 2024
Credential Stuffing Attacks
Credential Stuffing Attacks Using TOR: Okta Warning
13 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Schedule a Demo Today

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.
Subscribe

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.
Learn more

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.
Schedule a Demo

24/7 Breach Response: US/CAN: 833.997.7327

Main Office: 800.236.6550

Email Us

1714 Deer Tracks Trail, Suite 150

St. Louis, MO 63131

Navigation

Connect With Us

Twitter Linkedin Facebook

©2024 SpearTip, LLC. All rights reserved.