Following a report last week of a ransomware attack on Epic Games that allegedly made off with nearly 200GB of data, Epic now says the whole thing was in fact "a scam"—and so does the group that claimed credit for it in the first place.
The attack, reported on February 28 by Cyber Daily, was supposedly carried out by a hacking group calling itself Mogilevich, presumably adopting the name of notorious Russian crime boss Semion Mogilevich. The group said it had obtained 189GB of data in the attack, including «email, passwords, full name, payment information, source code and many other data,» and was offering it for sale, with a pay-up deadline of March 4.
The whole thing seemed a bit suspicious from the outset: No specific ransom amount was set, nor was any proof provided that the hack had actually taken place, which is fairly standard practice for this sort of thing. For its part, Epic said there was "zero evidence" the claim was legitimate, and that its efforts to contact Mogilevich had gone unanswered.
Sure enough, when the ransom deadline arrived Mogilevich admitted that the whole thing was a scam: A new Cyber Daily report says a link that purportedly contained the stolen Epic data instead led to a message advertising the group's services as «professional fraudsters.»
«None of the databases listed in our blog were as true as you might have discovered recently,» a representative of the group calling themselves Pongo wrote. «We took advantage of big names to gain visibility as quickly as possible, but not to [gain] fame and receive approval, but to build meticulously our new trafficking of victims to scam.»
The message explains how Mogilevich used fake claims of hacks and «social engineering» to extract ever-increasing sums from victims, beginning with sales of its hacking services (which didn't actually exist) to eight people for $1,000 each—an amount that was boosted to $2,000 each once they agreed to pay—and eventually leading to what Mogilevich claimed was an
Read more on pcgamer.com