Indie game dev hit by ransomware attack that wiped all player accounts

Lock on Laptop Screen
(Image credit: Shutterstock.com) (Image credit: Future)

Ransomware operators have rendered useless the 17,000 user accounts registered to Ethyrial: Echoes of Yore, an independently-developed Massively Multiplayer Online Role-playing Game (MMORPG).

The title is developed by Gellyberry Studios, which, in the wake of the event, published a short announcement on its official Discord channel.

Despite the catastrophe, it plans to continue work on the game and seeks to restore what it can to its affected player base with a new account system.


Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Manual restoration

"Last Friday morning, our server fell victim to a cryptographic ransomware attack, which systematically encrypted all data on the system/local backup drive and left a ransom note to pay in Bitcoin to decrypt the files," the developers explained. 

"In cases like this, hackers will often take a payment and never provide the decryption key. As such, we were forced to rebuild the server and create new account and character databases."

Exactly which ransomware group attacked Gellyberry, or how much money they demanded, is unclear, but it makes sense the studio declined the offer. The game is still in “Early Access” stage on Steam, meaning it’s in early development and relies on monthly subscriptions to survive.

While the accounts and their progress were lost, Gellyberry said it would manually restore everything “to the fullest extent possible for everyone affected.” Furthermore, the users will get a complimentary “pet” as a thank you to everyone who sticks around after the restore.

To protect against future attacks, the developers promised more frequent account database backups, P2P VPN for all remote access to the development server, and a limit for the IP range having access to it. 

While ransomware attacks against game developers are nothing new, hackers usually target well-established names like CD PROJEKT RED, or Riot. Still, opportunity knocks.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
DDoS inscribed on a digital background made up of numbers
DDoS attacks take down game studio servers, causing DayZ and Arma network outages
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
AWS S3 feature abused by ransomware hackers to encrypt storage buckets
A white padlock on a dark digital background.
GitHub is hiding malware disguised as games, legitimate software
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
Hands typing on a keyboard surrounded by security icons
35 years on: The history and evolution of ransomware
Latest in Security
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Latest in News
Buzz Lightyear Space Ranger Spin Rennovations
Disney’s giving a classic Buzz Lightyear ride a tech overhaul – here's everything you need to know
Hisense U8 series TV on wall in living room
Hisense announces 2025 mini-LED TV lineup, with screen sizes up to 100 inches – and a surprising smart TV switch
Nintendo Music teaser art
Nintendo Music expands its library with songs from Kirby and the Forgotten Land and Tetris
Opera AI Tabs
Opera's new AI feature brings order to your browser tab chaos
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
The iPhone 16 Pro on a grey background
iPhone 17 Pro tipped to get 8K video recording – but I want these 3 video features instead