Ubisoft is reportedly investigating a possible leak of the source code for their recent release, Watch Dogs Legion.
A story on Dark Side of Gaming states that a ransomware group called “Egregor” has uploaded a 560GB package purported to be the source code for Watch Dogs Legion on “various private trackers.” Ubisoft released a brief statement on Eurogamer, “We are aware of the group’s claim and are currently investigating a potential data security incident.”
Egregor reportedly claimed in October that they had breached both Crytek and Ubisoft, with details of documents laying out a number of possible Crytek projects including a battle royale called Crysis Next and a sequel to Ryse. Crytek has not confirmed or denied the existence or authenticity of those documents.
DSOGaming indicates that the actual executable for Watch Dogs Legion is remarkably small, only 138KB in size. However, some DLLs in the package run to over 600MB, leading to speculation they might be related to anti-tampering systems such as a new form of Denuvo. As to the specifics of how the breach occurred, there has been no word from Ubisoft at this time.
Food For Thought
On the assumption that the package currently floating around various torrent sites is real, and represents the most recent version of the code prior to release, there are any number of potential scenarios which might arise. The first and highly obvious one would be mods, though the widespread release of any Watch Dogs Legion mods would be putting a target on the mod author’s back for Ubisoft’s lawyers. Game optimizations would be another possible result of somebody looking at the code and finding out where the trouble spots are, with the same hazard for trying to distribute those optimizations as potential mod authors. The most obvious concern, however, lies in the security ramifications. So far, according to DSOGaming, the game hasn’t been cracked yet. But with access to the source code, such cracks could be very easily developed. Another question is the upcoming Watch Dogs Online mode for Legion, and whether the code for that component is part of the package. If so, playing online could be potentially more serious than a simple case of “Hax!”
