HelloKitty ransomware rebrands, releases CD Projekt and Cisco data

From bleepingcomputer.com

An operator of the HelloKitty ransomware operation announced they changed the name to ‘HelloGookie,’ releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.

The threat actor who made the announcement goes by the name ‘Gookee/kapuchin0’ and claims to be the original creator of the now-defunct HelloKitty ransomware.

As first reported by threat researcher 3xp0rt on Thursday, the rebranding coincides with the launch of a new dark web portal for HelloGookie.

To celebrate the launch, the threat actor released four private decryption keys that can be used to decrypt files in older attacks, as well as internal information stolen from Cisco in a 2022 attack and passwords for the leaked source code for Gwent, Witcher 3, and Red Engine stolen from CD Projekt in 2021.

As first spotted by VX-Underground, a group of developers have already compiled Witcher 3 from the leaked source code, sharing screenshots and videos of development builds.

Read more…