- 精华
- 3
- 帖子
- 12894
- 威望
- 7 点
- 积分
- 14464 点
- 种子
- 514 点
- 注册时间
- 2010-5-20
- 最后登录
- 2024-2-6
|
本帖最后由 lucky☆star 于 2020-11-6 12:59 编辑
https://www.zdnet.com/article/ub ... somware-gangs-site/
https://www.rockpapershotgun.com ... kers-reports-claim/
上个月,勒索软件“军团” Egregor 宣称获得了知名游戏公司育碧和 Crytek 的内部数据。本周,Egregor 在其暗网网站上公开了育碧刚刚上市的游戏《Watch Dogs Legion》的源代码,其容量高达 558GB,Egregor 放出的是一个种子文件。如果文件是真实的,如此规模的泄露是史无前例的。育碧在一份声明中表示它已经知道此事正对此展开调查。
以下是来自Egregor暗网的内容
http://egregoranrmzapcv.onion/
PS:访问暗网请遵守所在地法律。笔者不推荐下载及查看该组织发布的任何文件。
PS2:目前Crytek泄露数据264GB,育碧泄露数据558GB。育碧数据还未完全发布完成。
PS3:该公司的网站https://egregornews.com/ 服务器目前托管在阿里云伦敦
PS4:访问注意安全。
The next time you are going to kill our domain name, you need to think
about problems for companies in case of data distribution between different forums
and darknet websites and torrent trackers. The guilty will be only yours.
下次你要杀死我们域名前,需要考虑公司数据在不同论坛和暗网及种子网站的分布情况。罪人只会是你。
Hole of the month
This month two game industry major companies are nominated for the Hole of the Month Award
本月最佳"洞"(指漏洞)
本月有两家游戏行业大公司获得月度"洞"奖提名。
1. Game software developer Crytek (https://www.crytek.com).
That is amazing that while declaring to be the leader of the market this software is careless about its own security.
We were not able to pass the Australia size hole and take a look inside. What did we find there? Passwords in free access,
security at the cavemen level, unencrypted chats, files with contracts, researches, engine source code and new developments.
We have also find development plans, bookkeeping and a lot more.
Some parts of that info will be published soon. Some parts will be sold to one of those who are very interested.
1. 游戏软件开发商Crytek(https://www.crytek.com)。
这真是太神奇了,虽然宣称自己是市场的领头羊,但对自己的安全问题却毫不在意。
我们无法通过这个澳大利亚大小的"洞"看看里面。我们在那里发现了什么?
自由访问的密码,山顶洞人级别的安全性,未加密的聊天记录,合同文件,研究报告,引擎源代码和新的发展。
我们还发现了开发计划、账本和更多的信息。
这些信息的一些部分将很快公布。有些部分将出售给那些非常感兴趣的人。
2. Game software developer Ubisoft (https://www.ubisoft.com/).
This developer if nominated not just for Hole of the Month. But also for the Clown of the Month Award.
We found source codes in free access in the main network. Passwords in the doc files without any protection,
all the employees and developers data and personal information, contract, game engines and a lot of more.
Guys, if the goal of the last mission in your game about hackers was the hack of your company, we’ve done it. There’s our prize?
The game WATCH DOGS: LEGION was completely downloaded from your company servers.
There’s a possibility that soon we will make a present to all fans. We will compile and upload the game to public access.
The games of such level should be distributed freely. Nobody should take money for this.
2. 游戏软件开发商育碧(https://www.ubisoft.com/)。
这个开发商如果被提名,不仅是月度"洞"奖。而且还获得了月度小丑奖。
我们在自由访问的主网络中找到了源代码。密码就写在doc(Word文档)文件中没有任何保护。
所有员工和开发人员的数据和个人信息,合同,游戏引擎和更多的东西。
伙计们,如果你们游戏中关于黑客的最后一个任务的目标是黑进你们的公司,我们已经完成了。这就是我们的奖品?
游戏《看门狗:军团》这款游戏已经完全从你们公司的服务器上下载了。
有可能很快我们就会给所有的粉丝送上一份礼物。我们会将游戏编译并上传到公众面前。
这种级别的游戏应该免费发布。没有人应该为此花钱。
Soon there will be more interesting materials. Stay with us.
P.S. Everyone who is going to use the products of that companies soon, try to think about the possible backdoors from Egregor Team.
很快会有更多有趣的资料。请继续关注我们。
P.S.每个即将使用这些公司的产品的人,试着猜想下Egregor Team可能留下的后门。
“We are aware of the group’s claim and are currently investigating a potential data security incident,” Ubisoft told us in a statement.
https://www.rockpapershotgun.com ... kers-reports-claim/
育碧声称目前正在调查。 |
|
川公网安备 51019002005286号
楼主
发表于 2020-11-6 13:26 · 吉林
发表于 2020-11-6 14:37 · 广东
