In a surprising turn of events, the source code for the popular video game Grand Theft Auto 5 (GTA 5) has allegedly been leaked. According to reports, the leak occurred on Christmas Eve, just over a year after the hacking group Lapsus$ targeted Rockstar Games and stole corporate data.

The stolen source code for GTA 5 was reportedly shared through various channels, including Discord, a dark web website, and a Telegram channel that the hackers had used previously to leak stolen Rockstar data. Screenshots of one of the folders containing the stolen source code were posted by the channel owner, known as 'Phil,' on a Grand Theft Auto leak channel on Telegram.

It's worth noting that this leak also paid homage to Arion Kurtaj, a hacker associated with Lapsus$, who had previously leaked pre-release videos of the highly anticipated Grand Theft Auto 6 under the alias 'teapotuberhacker.' Kurtaj, who had hacked into Rockstar and Uber, was recently sentenced to an indefinite hospital stay by a UK judge.

This recent leak comes after Lapsus$ hackers targeted Rockstar Games in 2022, gaining unauthorized access to the company's internal Slack server and Confluence wiki. The threat actors claimed to have stolen both the GTA 5 and GTA 6 source code and assets, some of which were leaked on various forums and Telegram. Samples of the GTA 5 source code were also shared as proof of the data breach.

Security research group vx-underground revealed that they had spoken to the leaker on Discord, who claimed to have received the source code in August 2023. The motivation behind the leak, as stated by the leaker, was to combat scams in the GTA V modding scene, where individuals were allegedly being scammed by those claiming to possess the GTA V source code.

It should be noted that although BleepingComputer has reviewed the leaked source code and confirmed it to be legitimate GTA 5 source code, its authenticity could not be independently verified.

BleepingComputer reached out to Rockstar Games for a comment on the leak, but due to the holiday season, no response has been received yet.

The Lapsus$ hacking group was known for their expertise in social engineering and SIM swapping attacks, targeting various companies such as Uber, Microsoft, Okta, Nvidia, Mercado Libre, T-Mobile, Ubisoft, Vodafone, and Samsung. Their success in breaching corporate networks led to a review by the Department of Homeland Security (DHS) Cyber Safety Review Board, resulting in recommendations for preventing similar attacks.

While the activities of Lapsus$ have decreased after several members were arrested, it is believed that some members are now active in the hacking collective known as Scattered Spider. This group adopts similar tactics to Lapsus$, utilizing social engineering, phishing, MFA fatigue, and SIM swapping attacks to gain unauthorized network access to large organizations.

As the investigations into the GTA 5 source code leak continue, Rockstar Games and concerned parties are working to understand the implications and potential risks associated with the unauthorized disclosure of the game's source code.