Indie game dev hit by ransomware attack that wiped all player accounts

Lock on Laptop Screen
(Image credit: (Image credit: Future)

Ransomware operators have rendered useless the 17,000 user accounts registered to Ethyrial: Echoes of Yore, an independently-developed Massively Multiplayer Online Role-playing Game (MMORPG).

The title is developed by Gellyberry Studios, which, in the wake of the event, published a short announcement on its official Discord channel.

Despite the catastrophe, it plans to continue work on the game and seeks to restore what it can to its affected player base with a new account system.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Manual restoration

"Last Friday morning, our server fell victim to a cryptographic ransomware attack, which systematically encrypted all data on the system/local backup drive and left a ransom note to pay in Bitcoin to decrypt the files," the developers explained. 

"In cases like this, hackers will often take a payment and never provide the decryption key. As such, we were forced to rebuild the server and create new account and character databases."

Exactly which ransomware group attacked Gellyberry, or how much money they demanded, is unclear, but it makes sense the studio declined the offer. The game is still in “Early Access” stage on Steam, meaning it’s in early development and relies on monthly subscriptions to survive.

While the accounts and their progress were lost, Gellyberry said it would manually restore everything “to the fullest extent possible for everyone affected.” Furthermore, the users will get a complimentary “pet” as a thank you to everyone who sticks around after the restore.

To protect against future attacks, the developers promised more frequent account database backups, P2P VPN for all remote access to the development server, and a limit for the IP range having access to it. 

While ransomware attacks against game developers are nothing new, hackers usually target well-established names like CD PROJEKT RED, or Riot. Still, opportunity knocks.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.