Stolen source code and console SDKs CD Projekt Red are shared online

The source code for Cyberpunk 2077, The Witcher 3 and its raytracing edition and Thronebreaker have reportedly appeared online. Development kits for multiple consoles, which were also stolen from developer CD Projekt Red, have also been posted.

According to Eurogamer research, although the source code of the games can be found online, it is still encrypted. The group that owns the code is asking for a “donation” of $10,000 per game, in crypto, for the decryption keys. There is a chance that someone who buys the decryption keys for that amount will put the data on the internet unencrypted, after which everyone could browse through it. The software development kits for the Switch, PS4, PS5 and ‘Xbox’ have also been put online and are not encrypted. According to, the source code is provided on a new platform for vulnerabilities called payload.bin.

The group that is now putting the code online would not be the same that hacked CDPR earlier this year. This would be the group that bought the loot, but they would have done so on the condition that they would not redistribute it. That is apparently happening now. In a readme, the group states that “this leak is agreed with the buyer in exchange for a discount,” which seems to explain that contradiction, but isn’t a very clear explanation.

Gwent’s source code, which was also stolen in the attack on CDPR, was put online before the auction. Perhaps that was to attract attention and to demonstrate the legitimacy of the object to be auctioned.

In the hack on CDPR, non-game data from the company was also stolen. According to a message from the hackers, the documents involved “accounting, administration, human resources, investor relations and more” at the time. The group claims that these sensitive documents will not be shared with the public, but will be shared “with the media”. Perhaps that is to show that they really have the stolen data in their hands.

CD Projekt Red stated at the time of the ransomware attack that it “expected the stolen data to leak.” It said not to negotiate with the hackers and not to pay a ransom.

Statue posted on Twitter by @zavtracast