A New Ransomware Gang Claims It Stole Source Code, Passwords And More In Epic Hack

epic games potentially has 189gb of data stolen
When you get into the ransomware scene, one would think that you want to lay somewhat low while building up a decent reputation before going for the big fish. However, ransomware newcomer Mogilevich is coming out swinging with the claim that it has compromised Epic Games and made off with a good handful of data pertaining to the company. Whether this is a real breach or not remains to be seen, but regardless, this is certainly a way to grab attention.

Before diving into the details of the attack, Mogilevich is a relatively new group that little is known about by researchers. The group only has four posts on its website at the time of writing, including Infiniti USA, Bazaar Voice, Ireland's Department of Foreign Affairs, and Epic Games. While it is unclear who is behind this attack, the name itself is potentially a reference to Russian crime boss Semion Mogilevich who the Federal Bureau of Investigation wants for a slew of crimes primarily relating to finances.

claim epic games potentially has 189gb of data stolen

Regarding the Epic Games attack, the group claims to have made off with 189GB of data, which includes “email, passwords, full name, payment information, source code, and many other data included.” All of this is available for sale, and the deadline for it is 3/4/24. However, this might be a load of fake data given a deadline to increase demand or importance around it. Bleeping Computer’s Lawrence Abrams reached out to the group to verify the claim but was told that they would not provide proof of breach unless there were “proof of funds,” which would total $15K for the data.
Further, it would seem that Epic Games is disputing the breach, explaining on X that "There is zero evidence right now that the ransomware claims from Mogilevich are legitimate." Epic continues, stating that "Mogilevich has not contacted Epic or provided any proof of the veracity of allegations."

With all that in mind, this attack certainly seems more fishy than not, though still plausible. We will have to see if Mogilevich folds under the pressure and claims or doubles down and publishes information. In the meantime, stay tuned to HotHardware for the latest on ransomware attacks and other cybersecurity news.