D#NUT ransomware gang claims Ready or Not dev Void Interactive as a victim
D#NUT ransomware gang claims Ready or Not dev Void Interactive as a victim
The developer of a SWAT-based first-person shooter has allegedly lost four terabytes of data including source code to a ransomware attack.
The D#NUT ransomware gang is claiming to have successfully exfiltrated four terabytes of data from Void Interactive, the developer of popular tactical shooter Ready or Not.
“voidinteractive.net you are welcome in our chat,” D#NUT declared on its dark net leak site on March 14.
“You has been pwned. All data related Ready Or Not will be posted here if u will keep silent. We got 4Tb of source code and game related data.”
The gang do not appear to be native English speakers.
“Send us a message via for on that blog as soon as possible. We will provide more profs (list of exfiltrated files).”
To add proof to its claim, the gang shared a link to the Imgur image-hosting site, and a screenshot of a list of various builds of the game in what appears to be a dev environment. More than 20 distinct builds are listed, for both PC and consoles, as well as various performance test builds.
The screenshot appears to be authentic.
D#NUT – whose leak site features a lurid illustration of the gang’s namesake – is a relatively small ransomware operation. Since it was first observed by threat tracker FalconFeeds.io in April 2023, the gang has claimed ten victims, with Void Interactive being the latest. Half of its victims have been North American organisations, with the rest spread across Europe and the UK.
However, the authenticity of the gang’s claims has been questioned by some observers. On February 5 the gang claimed to have successfully hacked the US Department of Defense, stealing documents related to a host of contractors, but one security analyst poured cold water on the claim.
“I would approach this claimed ‘breach’ by donut ransomware with caution and scepticism,” the X account CyberKnow posted on the same day.
“All the claimed US defence contractor victims have been posted to leak sites in the past year or two.”
There are some earlier incidents that D#NUT has taken responsibility for, while in…