A cybercriminal — allegedly the same one who hacked Uber last week — has broken into Rockstar Games and stolen the source code for the upcoming game. grand theft auto 6.
The person who goes by the moniker “teapotuberhacker” also posted about 90 videos on GTAForums on September 18th, totaling about 50 minutes of pre-alpha gameplay and testing.
According to teapotuberhacker, all of the videos were shared and downloaded from the company’s Slack channels. This supports the claim that the people who hurt Uber and Rockstar are the same person, as Slack acted as an entry point for both violations.
Rockstar released a statement on Twitter, admitting that “an unauthorized third party” was able to access and download information from its systems, “including early development material for the next Grand Theft Auto.”
It added: “We are extremely disappointed to have shared with you all the details of our next game in this way. Our work on the next Grand Theft Auto game continues as planned and, as always, we are committed to providing you, our players, with an experience that truly exceeds your expectations. We’ll be bringing everyone back up to speed soon, and of course, we’ll be giving you a proper introduction to this next game when it’s ready. We would like to thank everyone for their continued support during this situation.’
A message from Rockstar Games pic.twitter.com/T4Wztu8RW8
— Rockstar Games (@RockstarGames) September 19, 2022
Although the footage quickly spread online and some is still accessible, GTA publisher Take-Two Interactive has begun making takedown requests to websites hosting the content.
Teapotuberhacker claims it wants to negotiate with Rockstar and has allegedly demanded “a five-figure sum” for the return of the stolen data – including the source code grand theft auto 5, as well as its forthcoming sequel. So far there has been no word from the company if it will negotiate, and we likely won’t hear if it decides to do so.
While some players welcomed the infraction – they took it as gloating against Rockstar for milking the nine-year-old GTA5rather than releasing a new title – others worried about what this would mean for the developers behind the game.
Uber accuses hacker group Lapsus$
If Rockstar and Uber’s hackers are the same, it’s possible both blame the Lapsus$ group, which has hurt companies like Samsung and Okta this year.
The Uber hack forced the company to shut down some internal systems, including Slack and those hosted on AWS and Google Cloud Platform.
Uber confirmed the Rockstar hack in its latest security update, but did not confirm that the attackers were the same.
Uber has released more information about the hack, saying the entry point was an outside contractor’s compromised account.
“It is likely that the attacker purchased the contractor’s Uber company password on the dark web,” the company writes, “after the contractor’s personal device was infected with malware and those credentials were exposed.”
This is quite different from the hacker’s claim of obtaining a password through social engineering.
Although the contractor whose data was compromised had two-factor authentication enabled and initially refused login attempts, they eventually accepted one and the hacker gained access to Uber’s systems.
Uber says:
“We believe this attacker (or attackers) is connected to a hacking group called Lapsus$, which has become increasingly active over the past year or so. This group typically uses similar techniques to attack tech companies and has breached Microsoft, Cisco, Samsung, Nvidia, and Okta, among others, in 2022 alone. There were also reports over the weekend that the same actor injured video game maker Rockstar Games. We are in close coordination with the FBI and the US Department of Justice on this matter and will continue to support their efforts.’