The supply code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, slightly over a yr after the Lapsus$ risk actors hacked Rockstar video games and stole company knowledge.
Hyperlinks to obtain the supply code had been shared on quite a few channels, together with Discord, a darkish net web site, and a Telegram channel that the hackers beforehand used to leak stolen Rockstar knowledge.
In a put up to a Grand Theft Auto leak channel on Telegram, the channel proprietor often known as ‘Phil’ posted hyperlinks to the stolen supply code, sharing a screenshot of one of many folders.
The channel proprietor additionally paid homage to Lapsus$ hacker Arion Kurtaj, who beforehand leaked pre-release movies of Grand Theft Auto 6 below the identify ‘teapotuberhacker.’
Kurtaj was lately sentenced to an indefinite hospital keep by a UK choose for hacking into Rockstar and Uber.
“#FreeArionKurtaj
He began all of this and ensured the leak would turn into public.
I’ve immense respect for him.
Miss you buddy.
If you wish to make a journey down reminiscence lane, take a look at the checklist of pinned messages to see the way it all unfolded in 2022. Arion actively talked in right here.”
Rockstar Video games was hacked in 2022 by members of the infamous Lapsus$ hacking group, who gained entry to the corporate’s inner Slack server and Confluence wiki.
On the time, the risk actors claimed to have stolen the GTA 5 and GTA 6 supply code and belongings, together with a GTA 6 testing construct, with a few of the stolen content material leaked on boards and Telegram. The risk actor additionally shared GTA 5 supply code samples as proof that they’d stolen the info.
Safety analysis group vx-underground says they spoke to the leaker on Discord, who stated the supply code was leaked prior to anticipated.
“They declare to have acquired the supply code August, 2023,” reads a put up by vx-underground.
“Their motivation was to fight scamming within the GTA V modding scene, many individuals had been allegedly scammed by individuals claiming to have the GTA V supply code.”
Whereas BleepingComputer reviewed the leak, which seems to be official GTA 5 supply code, we couldn’t independently confirm its authenticity.
BleepingComputer contacted Rockstar in regards to the leak however didn’t obtain a response, probably as a result of holidays.
The Lapsus$ hackers
The Lapsus$ hackers stood out for his or her expertise at performing social engineering and SIM swapping assaults to breach company networks.
Some identified cyberattacks attributed to the hacking group embody Uber, Microsoft, Rockstar Video games, Okta, Nvidia, Mercado Libre, T-Cell, Ubisoft, Vodafone, and Samsung.
As a part of these assaults, the risk actors would try and extort the businesses to not leak stolen knowledge, which in lots of instances was supply code and buyer knowledge.
The success of those assaults led the Division of Homeland Safety (DHS) Cyber Security Overview Board to analyze their techniques and share suggestions for stopping related assaults sooner or later.
Whereas the Lapsus$ group has not been very lively after members had been arrested, BleepingComputer was informed a few of the members at the moment are believed to be lively within the loose-knit hacking collective often known as Scattered Spider.
Scattered Spider shares related techniques to Lapsus$, using social engineering, phishing, MFA fatigue, and SIM swapping assaults to realize preliminary community entry to massive organizations.