Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware

Written by Gabby Lee

December 13, 2023

Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware

Since its emergence in May 2023, Rhysida ransomware has gained notoriety as an emerging threat actor in the cybercrime landscape. The latest target of this group is Insomniac Games, the renowned developer behind Spider-Man and Spider-Man 2. Rhysida is demanding a ransom of 50 Bitcoins, approximately $2 million at the current market value.

Incident Overview: Insomniac Games Under Ransomware Attack

Insomniac Games, based in Burbank, California, has fallen victim to a ransomware attack orchestrated by the Rhysida group. The attackers are currently auctioning off allegedly stolen data, commencing the bidding at $2 million in Bitcoin. The nature and volume of the purportedly stolen data, described by the group as “exclusive, unique, and impressive,” remain unclear. Shared screenshots reveal snippets of internal emails, passport copies, personal ID cards, and images related to game assets or gameplay.

Spider-Man Developer Insomniac Games Hit by Rhysida Ransomware

Rhysida’s Ultimatum: A Week to Respond

The cybercriminals behind Rhysida are giving Insomniac Games a one-week deadline to meet their demands before releasing the compromised data to the highest bidder. The ransom is set at 50 Bitcoins, emphasizing the group’s preference for cryptocurrency transactions. The seven-day ultimatum is a common tactic employed by ransomware actors to coerce organizations into complying with their demands.

Rhysida’s Modus Operandi: A Profit-based Ransomware-as-a-Service (RaaS)

Rhysida, a relatively new entrant in the cybercrime arena, operates as a profit-based ransomware-as-a-service (RaaS). The group has targeted nearly 50 organizations within the past 12 months, spanning sectors such as education, healthcare, manufacturing, information technology, and government. With connections to Vice Society, a group notorious for attacks on education in the US, Canada, and the UK, Rhysida has established itself as a formidable threat actor.

Data Exposed: Beyond Game Assets and Emails

The compromised data extends beyond game-related assets and confidential emails, revealing highly sensitive personal information. This includes passport scans of current/former employees and private details about Yuri Lowenthal, the voice of Peter Parker in Insomniac’s Spider-Man games. The exposure of such confidential information heightens the severity of the incident.

Industry Response: PlayStation Studios and Insomniac’s Silence

PlayStation Studios, the owner of Insomniac Games, is yet to respond officially to the ransomware incident. The silence of the involved parties underscores the critical nature of the ongoing situation. Hackread.com will continue to monitor and update this post as new information emerges.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

 

Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!