The Mogilevich ransomware gang has announced on its darknet site that it has carried out a stealth attack on the Epic Games Store, Cyber Daily reports.

The attackers claim to be in possession of 189 gigabytes of data, including emails, passwords, names, payment information, and source code. The ransomware claims that this data is currently up for sale.

Mogilevich did not set a specific amount for the data. The deadline for Epic Games to pay – or for anyone else to purchase the data – is March 4. The attackers also did not provide any evidence of the hack, as Rhysida did in the case of the Insomniac Games hack.

Later, the editor-in-chief of Bleeping Computer, Lawrence Abrams, wrote on his X/Twitter account that he learned from the extortionists that they were asking for $15,000 and would provide proof of the information only after the potential buyer’s solvency was confirmed.

Epic Games responded and stated that the company had found no evidence that the cyberattack had taken place.

“We are investigating but there is currently zero evidence that these claims are legitimate,” an Epic Games spokesperson said in a statement.

Epic Games reports that they contacted Mogilevich immediately after discovering this statement, but received no response.

Cyber Daily contacted the attackers and received a response.

“For clueless and retarded journalists, I’d like to tell you that we’re not asking EpicGames for $15,000 ransom, that’s the price that’s going to sell,” a Mogilevich spokesperson said.

Who are Mogilevich?

Mogilevich is a relatively new ransomware group that claims to have hacked many organizations, including the Irish Department of Foreign Affairs and the American company Infinity.

The group is named after the criminal mastermind Semyon Mogilevich, who has been linked to the Russian mafia in the United States, Putin, Islamic terrorists, and more. Mogilevich is among the Top 10 most wanted criminals in the world.

Unlike other ransomware groups, Mogilevich does not share samples of stolen data and claims to sell it only to directly verified buyers.

The lack of evidence has led many cybersecurity experts to believe that the attackers are trying to deceive customers with fake data.