D#NUT ransomware gang claims Ready or Not dev Void Interactive as a victimD#NUT ransomware gang claims Ready or Not dev Void Interactive as a victim | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


D#NUT ransomware gang claims Ready or Not dev Void Interactive as a victimD#NUT ransomware gang claims Ready or Not dev Void Interactive as a victim

The developer of a SWAT-based first-person shooter has allegedly lost four terabytes of data including source code to a ransomware attack.

The D#NUT ransomware gang is claiming to have successfully exfiltrated four terabytes of data from Void Interactive, the developer of popular tactical shooter Ready or Not.

“voidinteractive.net you are welcome in our chat,” D#NUT declared on its dark net leak site on March 14.

“You has been pwned. All data related Ready Or Not will be posted here if u will keep silent. We got 4Tb of source code and game related data.”

The gang do not appear to be native English speakers.

“Send us a message via for on that blog as soon as possible. We will provide more profs (list of exfiltrated files).”

To add proof to its claim, the gang shared a link to the Imgur image-hosting site, and a screenshot of a list of various builds of the game in what appears to be a dev environment. More than 20 distinct builds are listed, for both PC and consoles, as well as various performance test builds.

The screenshot appears to be authentic.

D#NUT – whose leak site features a lurid illustration of the gang’s namesake – is a relatively small ransomware operation. Since it was first observed by threat tracker FalconFeeds.io in April 2023, the gang has claimed ten victims, with Void Interactive being the latest. Half of its victims have been North American organisations, with the rest spread across Europe and the UK.

However, the authenticity of the gang’s claims has been questioned by some observers. On February 5 the gang claimed to have successfully hacked the US Department of Defense, stealing documents related to a host of contractors, but one security analyst poured cold water on the claim.

“I would approach this claimed ‘breach’ by donut ransomware with caution and scepticism,” the X account CyberKnow posted on the same day.

“All the claimed US defence contractor victims have been posted to leak sites in the past year or two.”

There are some earlier incidents that D#NUT has taken responsibility for, while in March 2023 the Monti ransomware group claimed it had in turn hacked D#NUT. The hack was a revenge attack, with Monti claiming that D#NUT “stole 100,000 usd didn’t fulfill the terms of the deal”.

There are even earlier reports of the gang’s activity. Bleeping Computer first observed D#NUT – though it was simply Donut back then – in August 2022, when it attacked a Greek natural gas company. In November of the same year, however, Bleeping Computer characterised D#NUT as an affiliate for other ransomware operations, including Hive and Ragnar Locker, though it did note that D#NUT was beginning to deploy its own Encryptor.

Cyber Daily has reached out to Void Interactive for comment.



——————————————————–


Click Here For The Original Source.

.........................

How can I help you?
National Cyber Security

FREE
VIEW