As of now, no known ransomware gang has claimed responsibility for the cyberattack on Ethyrial: Echoes of Yore developers.
A devastating ransomware attack has wiped out a whopping 17,000 player accounts in the famous indie online MMORPG game Ethyrial: Echoes of Yore. The attack occurred on Friday in which all in-game items and progress got erased.
Ethyrial: Echoes of Yore is developed by Gellyberry Studios, an independent game studio. It is a free-to-play old-school MMORPG in its early access phase on Steam. The game currently relies on monthly subscriptions and community support.
As per the official announcement from Gellyberry Studios, the attackers targeted the game’s Discord server and encrypted all data stored in the system and the local backup drive.
“Last Friday morning, our server succumbed to a cryptographic ransomware attack. The attack systematically encrypted all data on the system/local backup drive and demanded a bitcoin ransom in exchange for decryption,” the statement read.
Attackers left a ransom demand, asking for payment in Bitcoin in exchange for data decryption. The developers have refused to pay the ransom, claiming that hackers usually deceive victims after receiving the payment.
Since the attackers compromised the backups as well, the developers had to rebuild the server and create new account and character databases. This will be a painstaking process as they had to reconstruct all the 17,000 impacted accounts manually.
The company stated they are “committed to restoring every item, level, pet, and other lost progress” as soon as the servers are restored. Furthermore, they want to compensate affected players for the issue by gifting them a complimentary premium pet.
The developers have also outlined a thorough security plan to prevent similar attacks in the future. This includes implementing decentralized backups, establishing VPN connections to their server, and introducing a whitelist for authorized IP addresses to access their server.
It is unclear who is responsible for the attack, as no specific group has come forward to claim responsibility. However, given the kind of items stolen, including character progression and virtual items, it seems unlikely that the attacker would sell the data on the Dark Web.
This isn’t the first time a game developer has suffered a ransomware attack. For example, in February 2021, game developer CD PROJEKT RED, the creator of Witcher 3, became a target of HelloKitty ransomware.
Then, in January 2023, League of Legends and Valorant creator Riot Games was threatened to pay a ransom of $10,000,000 to prevent hackers from leaking stolen source code. But unlike other instances, this time it’s the players who have been impacted instead of the company.
RELATED ARTICLES
- Fake Cyberpunk 2077 Android App Delivering Ransomware
- How gamers should secure their accounts from cyber attacks
- Game giant Electronic Arts is the latest victim of massive data breach
- Android game developer EskyFun exposed 1 million gamers to hackers
- New BloodyStealer malware steals data from gamers on EA, Epic, Steam