Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Dead ransomware HelloKitty reanimates in rebrand and releases CD Projekt and Cisco data

Ransomware.

HelloKitty is back. The dreaded ransomware, which died in late 2023 after the developer leaked both the builder and the source code on a hacker forum, is back with a new name and a new data leak website. 

According to BleepingComputer, both the ransomware and the dark web portal are now called HelloGookie, most likely after the developer and operator, Gookee/kapuchin0. For the uninitiated, the original HelloKitty ransomware was developed and maintained by a hacker with the alias Guki.

That ransomware was known for targeting large organizations and corporations. It was established in late 2020, and gained infamy for breaching CD Projekt Red in February the next year.

Releasing decryptors

CD Projekt Red is a Polish game studio famous for its Witcher game series, as well as Cyberpunk 2077. So far, the Witcher series sold more than 50 million copies worldwide, while Cyberpunk 2077 currently sits at around 25 million. Both are open-world, role-playing games (RPG), and both have won numerous awards. Witcher 3 is widely considered as one of the best RPGs ever created.

When HelloKitty hit CD Projekt Red, it stole roughly 450GB of uncompressed source code, including files for an unreleased version of the Witcher 3 game, allegedly sporting ray tracing, a rendering technique used in computer graphics to produce highly realistic images by simulating the way light interacts with objects in a scene. Eventually, the technique made it to the Witcher 3 game in a 2022 update.

To “celebrate” the resurrection, the ransomware’s operator released the data stolen in the CD Projekt Red data breach, as well as data stolen from Cisco in a 2022 attack. Furthermore, they published four private decryption keys that can be used to decrypt files locked by HelloKitty.

There are currently no new leaks on the website, and no indication that there are any ongoing attacks. HelloKitty was a major player in the ransomware game. Whether HelloGookie manages to repeat the success of its predecessor remains to be seen.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.