Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Ransomware hack destroys 17,000 player accounts on indie MMO

Ethyrial: Echoes of Yore developers promise to restore every account by hand if necessary.

user icon David Hollingworth
Tue, 28 Nov 2023
Ransomware hack destroys 17,000 player accounts on indie MMO
expand image

A “cryptographic ransomware attack” has led to the destruction of 17,000 accounts belonging to players of a popular indie online game.

Developer Gellyberry Studios made the announcement on Ethyrial: Echoes of Yore’s Discord server late last week, telling players wondering what had happened to all their virtual stuff – including in-game items such as gear and pets, as well as earned titles and character progression.

“Last Friday morning, our server fell victim to a cryptographic ransomware attack, which systematically encrypted all data on the system/local backup drive and left a ransom note to pay in bitcoin to decrypt the files,” said a Gellyberry spokesperson. “In cases like this, hackers will often take a payment and never provide the decryption key.”

============
============

“As such, we were forced to rebuild the server and create new account and character databases.”

The developers have said that rather than relying on the backups and the goodwill of the criminals behind the hack, they will instead rebuild each of the 17,000 accounts manually and will “restore every item, level, pet, etc. that was lost during this event when the servers are back up”.

The developers will even throw in a free premium pet to make up for the hassle.

In addition to restoring the accounts, Gellyberry has also revealed a number of security improvements to prevent future incidents. Backups will become more frequent and decentralised, VPN connections to the developer server will be implemented, and specific IP addresses will be whitelisted for developer server access.

As of writing, no ransomware operator has been identified as responsible for the hack. Given the nature of the data involved – virtual items and character progression – it’s not exactly the kind of material that a threat actor can threaten to release on the dark web.

It’s entirely possible we’ll never know, but there are 17,000 gamers out there who would probably like to have a polite word with whoever it is.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.