Home » Grand Theft Auto Writer Rockstar Video games Hacked

Grand Theft Auto Writer Rockstar Video games Hacked

Risk actor Lapsus$ is now seemingly chargeable for hacking gaming large Rockstar Video games after focusing on mega-brands like Microsoft, Cisco, Samsung, Nvidia, Okta and doubtless Uber.

An account working title ‘teapotuberhacker’ posted on GTAForums round 90 movies of what seemed to be in-development footage of the upcoming Rockstar Video games installment, Grand Theft Auto 6 – that the writer confirmed it was engaged on earlier this yr.

The movies, which totaled round 50 minutes of footage, included quick clips of animation assessments to extra detailed animation scenes. They have been then broadly shared on social media.

After posting the alleged in-development footage on September 18, 2022, teapotuberhacker left a message claiming they needed to “negotiate a deal” with the sport writer to return unreleased information, together with the supply code for Grand Theft Auto 5 and the in-development model of Grand Theft Auto 6.

“This isn’t the primary case the place a cyber-criminal group has stolen a company’s supply code, with each LastPass and Midea Group struggling an analogous destiny within the final month. Supply code is a part of an organization’s mental property and due to this fact holds huge worth to cyber criminals. It may be used to seek out hidden safety vulnerabilities and launch additional assaults on a enterprise,” Sam Linford, VP of EMEA Channels at Deep Intuition, informed Infosecurity Journal.

Nonetheless, in a message to Infosecurity on September 19, Craig McDonald, VP of Product Administration at BackBox, insisted that at current, “it’s nonetheless unclear if the attacker gained entry to information past the video clips that have been posted.”

Rockstar Video games and its dad or mum firm, Take-Two Interactive, acknowledged the leak on September 19, 2022.

In an announcement posted to Twitter, Rockstar stated: “We not too long ago suffered a community intrusion by which an unauthorized third social gathering illegally accessed and downloaded confidential info from our methods, together with early growth footage for the following Grand Theft Auto. Right now, we don’t anticipate any disruption to our stay sport companies nor any long-term impact on the event of our ongoing tasks. [..] Our work on the following Grand Theft Auto sport will proceed as deliberate, and we […] will replace everybody once more quickly and, after all, will correctly introduce you to this subsequent sport when it’s prepared.”

Take-Two has issued takedown notices to GTAForums and social media accounts, together with YouTube and the GTA subreddit. The unique GTAForums thread began by teapotuberhacker was eliminated, then relaunched with all hyperlinks and GTA 6 particulars eliminated, reported The Guardian.

Lapsus$ gang buoyant in latest months

It seems that teapotuberhacker gained administrative entry to the Rockstar Video games inner community after an worker clicked on a malicious electronic mail. The menace actor was then capable of obtain the movies from the employees members’ Slack channels – an analogous technique was utilized in a latest Uber information breach, which teapotuberhacker additionally claimed duty for.

In a September 19 replace, Uber stated the perpetrator may very well be linked with the Lapsus$ hacking gang that has been significantly energetic not too long ago, reportedly focusing on tech corporations reminiscent of Microsoft, Cisco, Samsung, Nvidia and Okta.

“This cyberattack ought to function the catalyst to alter mindsets and attitudes in direction of cybersecurity,” stated Linford, “Breaches like this present us that it’s extra essential than ever to implement preventative measures: consider cyber safe technique and insurance policies, precisely estimate, and quantify the impacts of a cyberattack and the influence on the group within the case of knowledge leak and prioritize the safety of knowledge. Organizations must take preventive measures that cease cyberattacks earlier than they breach the community. Companies want a line of protection which might cease these assaults earlier than they’ve time to execute, not to mention steal information.”

“To be safe, all of the infrastructure units in a company’s community will need to have the newest working methods and patches and be configured in compliance with inner safety insurance policies in addition to authorities and business laws. Preventative measures like that always take a again seat to extra urgent community administration duties, so corporations ought to spend money on community safety automation to make sure a steady movement for upgrades and patches. Implementing a baseline for correct automation will be certain that these duties are working persistently and reliably and may deter future data-compromising assaults from accessing important and confidential info,” added McDonald.