Ransomware group admits its Epic Games ‘hack’ was a hoax | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The so-called ransomware group that recently claimed to have hacked Epic Games has admitted it was a hoax.

Last week the group, which goes by the name Mogilevich, posted a message on its darknet ‘leak’ site giving information on its claimed data breach of the Fortnite and Epic Games Store company.

The group claimed to have compromised “email, passwords, full name, payment information, source code and many other data”, amounting to a total size of 189GB.

However, unlike when Insomniac Games was hacked by the Rhysida group in late 2023, Mogilevich failed to produce any actual proof that it had  successfully hacked Epic Games.

Epic then sent VGC a statement saying that it was investigating but had “zero evidence that these claims are legitimate”.

Now, as Cyber Daily reports, Mogilevich has admitted that it didn’t have any of Epic Games’ data at all, and was carrying out a different type of scam.

Instead of trying to sell Epic’s internal data, Mogilevich says it was instead trying to sell its fake ransomware infrastructure to other would-be hackers.

The group claims that rather than trying to sell illegally obtained data, it was trying to scam criminals out of their money.

Epic Games is responsible for Fortnite and the Epic Games Store

“Now the real question is, why confess all this when we could just run away?” group member Pongo asked in a statement. “This was done to illustrate the process of our scam. We don’t think of ourselves as hackers but rather as criminal geniuses, if you can call us that.”

As Cyber Daily points out, this new excuse could also be untrue, so it remains unclear exactly what the group was trying to achieve.

What does appear to be the case, however, is that Epic’s data wasn’t compromised by the group after all.

National Cyber Security