Epic Games hack in question: game maker says no evidence of attack detected

Mogilevich claims a successful ransomware attack against Epic Games

Recent reports have surfaced regarding a potential ransomware attack on Epic Games, the creator of Fortnite and the Unreal Engine.^[1] A hacker group named Mogilevich claimed to have infiltrated Epic Games' servers, allegedly extracting 189GB of sensitive data, including emails, passwords, and payment information from customers, along with source code.

This gang allegedly gave Epic Games a deadline to meet their ransom demands in order to stop the data leak. In spite of these statements Epic Games has vehemently denied the accusations, claiming that there is no proof of a security breach.

The company took to social media to announce its findings, emphasizing that it found no proof of any ransomware attack and that the alleged hackers had not made any direct contact to demand ransom.

Almost 200GB of confidential data is allegedly being sold for $15,000 on the dark web

After becoming aware of the ransomware claims, Epic Games conducted an in-depth examination to determine the accuracy of these assertions. A screenshot of a dark web page that appeared to be promoting the hack went viral online and prompted the business to launch an inquiry.

When Epic Games tried to contact the Mogilevich group to request evidence of the hack, the group did not respond. To make matters more complicated, the hacker gang allegedly demanded that potential buyers provide “proof of funds” in the form of bitcoin assets in exchange for selling the stolen data for $15,000.

Despite these interactions, Epic Games maintains that there is no concrete evidence to suggest any data compromise occurred, emphasizing the lack of direct contact or proof from the hackers.

One of the official Epic Games accounts on Twitter said the following:^[2]

There is zero evidence right now that the ransomware claims from Mogilevich are legitimate. Mogilevich has not contacted Epic or provided any proof of the veracity of allegations.

Ransomware threats in the gaming industry

The growing threat of ransomware attacks in the gaming sector has been brought to light by the latest claims against Epic Games. These kinds of cyberattacks are growing more common and sophisticated, aiming not only at game makers but also at their large user bases.

Cybercriminals find the gaming sector to be a profitable target due to its extensive databases of sensitive user data and intellectual property. Even if it was subsequently proven false, the possible security compromise at Epic Games highlights the ongoing danger and significant consequences.

Historically, the gaming industry has witnessed several high-profile ransomware attacks. For example, Sony's Insomniac Games studio suffered a significant data breach last year,^[3] leading to the leak of information on five unannounced game titles. This incident revealed not just upcoming projects but also the personal data of employees, demonstrating the dual threat to both corporate assets and individual privacy. Similarly, Ubisoft faced its own security challenges with leaked screenshots of internal software,^[4] although the damage was less extensive compared to the Insomniac Games breach.

Who is Mogilevich?

Mogilevich represents a relatively new player in the ransomware domain, with claims of attacking several organizations besides Epic Games, including international entities. Unlike other hacker groups, Mogilevich does not publicly share samples of stolen data, instead opting to sell directly to verified buyers, raising suspicions about the authenticity of their claims.

The group has also advertised itself as a Ransomware-as-a-Service operation, aiming to recruit affiliates for conducting cyberattacks. However, the lack of evidence linking Mogilevich to any successful ransomware encryption attacks adds to the skepticism surrounding their operations and intentions.

Although the Mogilevich group's allegations of a ransomware attack on Epic Games have raised reservations, it's possible that the charges are untrue given the lack of hard evidence and the company's resolute attitude on the issue. Nevertheless, the event serves as a warning of the ongoing cybersecurity risks that the gaming sector must deal with and the significance of strong security procedures to fend off attacks like this in the future.