Ransomware
Encryption
Ransomware attack on "Ethyrial: Echoes of Yore" MMORPG. 17,000 player accounts w...
The indie game publisher Gellyberry Studios experienced a severe setback as their MMORPG, "Ethyrial: Echoes of Yore," fell victim to a ransomware attack last Friday. The attackers targeted the main server, encrypting all data, including local backup drives, and disarmed the gaming world.
## Unfortunate Fallout
The ransomware attack impacted a staggering 17,000 player accounts, wiping out in-game items and progress. The attack on this free-to-play MMORPG, available on [Steam](https://store.steampowered.com/app/1277920/Ethyrial_Echoes_of_Yore/)'s Early Access, sent shockwaves through the gaming community. The game, still in its early development phase, relies on monthly subscriptions and community support for ongoing development.
The assailants, leveraging cryptographic ransomware, demanded payment in Bitcoin for a decryption key. Faced with the grim reality that paying might not guarantee the recovery of their data, Gellyberry Studios opted for a manual restoration of all affected systems.
> "Last Friday morning, our server fell victim to a cryptographic ransomware attack... As such, we were forced to rebuild the server and create new account and character databases." - [Announcement on Discord](https://discord.com/channels/540514574462615552/834424990707220560)

***Discord Announcement***
## Gellyberry's Resilience and Commitment
Despite the challenges posed by the attack, Gellyberry Studios reassured the affected players that they would restore everything lost to the fullest extent possible. As a gesture of appreciation for the community's understanding and support, impacted players would receive all their items and progress back, along with a premium "pet."
In response to the incident, Gellyberry Studios outlined proactive measures for the future, including an increased frequency of offline account database backups, the implementation of a P2P VPN for remote access to the development server, and restricted access through specific IP addresses.
The attack on "Ethyrial: Echoes of Yore" is not an isolated incident. Ransomware has, unfortunately, become a recurring threat in the gaming industry. The attack on CD PROJEKT RED in February 2021 and the recent ransom demand of $10,000,000 from hackers targeting Riot Games in January 2023 underscore the severity of the issue.
### CD PROJEKT RED: A Precedent in Ransomware
In 2021, the developers of "Cyberpunk 2077" and "Witcher 3," CD PROJEKT RED, faced a [ransomware attack](https://www.secureblink.com/cyber-security-news/cd-projekt-ransomed-data-including-the-witcher-3-source-codes-are-now-made-public) by [HelloKitty ransomware](https://www.secureblink.com/cyber-security-news/hello-kitty-source-code-leaked-on-russian-forum). The incident highlighted the vulnerability of even well-established game developers to cyber threats.
### Riot Games: A Recent Ransom Demand
In the more recent case involving [Riot Games](https://www.secureblink.com/cyber-security-news/riot-games-hit-by-cyberattack-league-of-legends-valorant-patches-delayed), the creators of popular titles like "[League of Legends](https://www.secureblink.com/cyber-security-news/league-of-legends-source-code-up-for-auction-after-riot-games-breach)" and "Valorant," hackers issued a ransom demand of $10,000,000. The threat to release stolen source code added a layer of complexity to the situation, emphasizing the high stakes in play.
Gellyberry Studios, in their response to the attack, not only focused on technical solutions but also on empathetic gestures. Providing a premium "pet" to affected players demonstrates a commitment to the community's well-being beyond the digital realm.
### Strengthening Defenses: A Technical Perspective
From a technical standpoint, the implementation of a P2P VPN and restricting server access to specific IP ranges are commendable steps taken by Gellyberry Studios. These measures aim to fortify the infrastructure against unauthorized access and potential breaches.
### Codebase and Scripts
The underlying codebase and scripts are the silent guardians of virtual worlds. Developers must assess and reinforce the security of these foundations continually. Regular code audits, penetration testing, and adherence to secure coding practices become paramount in the face of evolving cyber threats.
### Key Takeaways:
- The gaming industry faces recurring ransomware threats.
- Gellyberry Studios opted for manual restoration post-ransomware attack.
- Proactive cybersecurity measures include increased backups and restricted server access.
- The human impact of cybersecurity incidents in gaming is profound.
- The industry must collectively work towards a more secure gaming environment.