[HN Gopher] HelloKitty ransomware rebrands, releases CD Projekt ...
___________________________________________________________________
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
Author : sam42
Score : 52 points
Date : 2024-04-20 18:39 UTC (4 hours ago)
(HTM) web link (www.bleepingcomputer.com)
(TXT) w3m dump (www.bleepingcomputer.com)
| user_7832 wrote:
| > As first spotted by VX-Underground, a group of developers have
| already compiled Witcher 3 from the leaked source code, sharing
| screenshots and videos of development builds.
|
| > One representative of the group compiling Witcher 3 known as
| 'sventek' told BleepingComputer that the leaked CD Projekt data
| is 450 GB uncompressed and contains source code for Witcher 3,
| Gwent, Cyberpunk, various console SDK (PS4/PS5 XBOX NINTENDO),
| and some build logs.
|
| > Sventek told BleepingComputer that they were previously able to
| compile Cyberpunk 2077 from the CD Projekt's leak...
|
| Is 450gb really that big enough? Games are individually often
| close to a hundred gb, and I'd assume the source code has more
| things.
| mschuster91 wrote:
| > Is 450gb really that big enough? Games are individually often
| close to a hundred gb, and I'd assume the source code has more
| things.
|
| Raw assets like textures, I'd guess? These often get downscaled
| and compressed as part of build.
| user_7832 wrote:
| Thanks, didn't realize this was w/o textures
| bluefirebrand wrote:
| Apparently a huge part of the average game's download size
| nowadays is uncompressed audio
| mschuster91 wrote:
| Uncompressed _audio_? Why the fuck would anyone even want
| to do that? Even computers 20 years ago could handle Vorbis
| or if they were fancy enough to buy a decoder MP3 audio.
| Today 's multicore monsters can easily handle dedicating an
| entire core to sound effects only.
| Cixelyn wrote:
| you check in the uncompressed audio, and then fmod, wwise
| or whatever other middleware you're using will compress
| to a different format and compression ratios on a per-
| platform basis during the build process (i.e. vorbis on
| PC, AT9 on PS4, FADPCM on mobile, etc.)
| iLoveOncall wrote:
| 450GB is 450 TRILLION characters.
|
| Assets are not part of the source code, so this is huge.
|
| That's almost 20,000 times all of Wikipedia, or 2 whole single
| page applications using a JavaScript framework!
| user_7832 wrote:
| > Assets are not part of the source code, so this is huge.
|
| Aah thanks, that helps clarifying it. Yep, without media I
| could see that that many lines of code would be a lot. But
| how would they make the game without textures? I guess just
| ripping them from the published version, or just going "it
| compiles!" and calling it quits?
| georgemcbay wrote:
| Assuming the code is complete enough to be compiled, I
| would guess that it has no problem reading any content
| assets from the commercial version (even if they are packed
| into custom packaging files) with the major concern being
| versioning related (maybe the most recent source code
| branch references to various assets might not match up
| exactly with what is on disc for a specific retail build).
|
| But also it isn't that uncommon at game studios for assets
| to be checked in alongside the code, so I wouldn't be
| shocked if these source code dumps and the associated sizes
| being reported also include the assets.
| denotational wrote:
| > 450GB is 450 TRILLION characters.
|
| 450GB is ~450*10^9 B (~ to handle the fact that it might be
| GiB), which is _450 billion_ bytes in the short scale (450
| thousand million /450 milliard in the long scale).
|
| 1B may or may not equal 1 character depending on your
| encoding, but 1000 characters per byte is unlikely.
| Macha wrote:
| > Assets are not part of the source code, so this is huge.
|
| Depends how linguistically precise the hackers are being. I
| could see them calling the contents of a repository the
| source code, and to my understanding, especially around the
| time of witcher 3's development, a lot of game dev studios
| used Perforce specifically because they were checking assets
| in and Perforce handled that better.
| deaddodo wrote:
| If you see an application with 1% of 450gb worth of code, run
| as far as you possibly can.
|
| That's a Lovecraftian horror. Also, it also almost certainly
| does not exist. The largest codebases would be lucky if they
| hit a 200MBs-2GB of straight code. And they're far an away the
| exceptions, not the norm.
| geek_at wrote:
| They are probably talking about source code and assets, which
| makes 450gb very realistic
| MarkSweep wrote:
| > it also almost certainly does not exist
|
| Google has billions of lines of code in one repo. I don't
| have hard numbers on file sizes, but a billion bytes is a
| gigabyte. A billion lines taking tens of gigabytes does not
| seem unreasonable.
|
| https://cacm.acm.org/research/why-google-stores-billions-
| of-...
|
| > That's a Lovecraftian horror
|
| Perhaps.
| Aloisius wrote:
| Google's repo contains more than a single application.
| dijit wrote:
| 450GiB is probably right.
|
| I've worked on a bunch of AAA game projects and the "MAIN"
| stream is usually somewhat small because people often want to
| have multiple checkouts on one drive.
| andersa wrote:
| On the project I'm currently working on, we use filters to
| disable syncing groups of art assets we don't need, so a
| checkout for an engineer is usually quite reasonable.
| Probably also around 400GB though it includes the engine.
| With all filters disabled I'd end up downloading multiple
| terabytes of stuff for the main branch.
| dijit wrote:
| Ah yeah, we keep things like blender/maya models on a
| separate stream completely.
|
| Usually the main stream can compile the entire game so it
| has all the required assets, but not _everything_ that is
| used to make the assets for the game in the first place.
| agilob wrote:
| Have almost the same thing been leaked before, but now decryption
| keys are released?
|
| Edit
|
| Found it, previously they released a magnet link called
| funnytorrent that was over 800gb, but all files are 7z encrypted
| and no password was available. There are still seeds :O
|
| So I'm guessing the new thing is the new TW3 version CDP
| confirmed this week they are working on.
|
| Edit 2
|
| The "new magnet" link is the same hash, so no new files in there.
| tester756 wrote:
| It sucks because their games are really good
| orbital-decay wrote:
| How much harm can a source leak really do for a game released
| long ago? Especially for CDPR, owners of GOG.com and big
| proponents of DRM-free games.
| Mountain_Skies wrote:
| Probably not much danger that players will end up with
| pirated copies of the games, especially those with an online
| component, but having the source code will make finding
| cheats and security vulnerabilities easier.
| mschuster91 wrote:
| Don't get why you've been downvoted to grey, you make a
| very valid point particularly regarding security issues
| given the recent Apex Legends hack [1].
|
| [1] https://www.tweaktown.com/news/96928/apex-legends-pro-
| player...
| arandomusername wrote:
| They're all single player games (except maybe Gwent?).
| DaiPlusPlus wrote:
| Indirectly: the source-code will include third-party licensed
| libraries, stuff like audio and video decoding/rendering and
| other middleware - so they could be sued by the original
| devs/licensors for not keeping that protected.
| Aloisius wrote:
| When has this ever happened?
| grzeshru wrote:
| Can we get a StarCraft or Warcraft 3 leak?
| DaiPlusPlus wrote:
| I'd love to see the source-code comments over-time as they
| tweaked the balancing rules in SC... but are these leaks just a
| snapshot of the file system or does it include the full source-
| control history?
| boneitis wrote:
| If you haven't seen it before, you might enjoy Patrick
| Wyatt's (a lead dev for a time at Blizzard) blog. It is a
| treasure trove of anecdotes and war stories.
|
| https://www.codeofhonor.com/blog/
___________________________________________________________________
(page generated 2024-04-20 23:00 UTC)