After leaders of the Conti ransomware group issued an angry pro-Russian statement on their official site on Friday, a member of the group thought to be of Ukrainian origin leaked the gang’s internal discussions.
Conti’s Ukrainian members seem to have taken exception to the message, and one of them has hacked the gang’s internal Jabber/XMPP system. Internal records were released in an email sent to a number of media and security experts on Tuesday.
The veracity of the leaked talks has been validated by Dmitry Smilyanets, a threat intelligence analyst for Recorded Future who used to engage with the Conti gang.
READ ALSO: Bulgaria, Poland, Slovakia to Donate 70 Fighter Jets to Ukraine
The Record Media reported that the stolen data consists of 339 JSON files, each of which includes a full day’s worth of logs. Security Company IntelligenceX has disclosed conversations from January 29, 2021, to today, February 27, 2022, which can be viewed online.
In an email received earlier today, the leaker said, “We promise it is very interesting”.
According to the Record Media, the contents of the leaked communications include “Messages that show Conti’s ties to the TrickBot and Emotet malware gangs”.
“They often rented access to compromised systems from these groups to spread their software messages indicate the shutdown of the TrickBot botnet earlier this month,” the platform says.
READ ALSO: Ukraine Creates Military Unit for Foreign Volunteers. Here’s How to Join
“Messages include talks about ransom and payments from businesses that haven’t said they had a data breach or ransomware attack before.”
According to the Malware Tech Blog on Twitter, the Conti leaks offer everyone an unprecedented insight into the inner workings of a major cybercrime organisation.
“The Conti ransomware has made at least $2.7 billion since it started in 2017, according to analysis of leaked bitcoin addresses. An unnamed journalist offered to help Conti extort companies (most likely by threatening to cover the company’s breach), in return for a 5 percent commission,” the blog says.
Our Stories
NUPENG, PENGASSAN Protest NNPCL Management’s ‘Unjust’ Recruitment of External Workers for Senior Roles
Kwara Police Denies Presence of Mahmuda Terror Group but Video Suggests Otherwise
Trial of Patience Jonathan’s Domestic Staff Detained Since 2019 Adjourned Again
Naval Officer Nwosu Chijioke Collinus Refuses to Refund N200,000 He Took From Wife’s Friend for FIRS Job
Inibehe Effiong Accuses Lagos Police of Lying About Teenager Quadri Alabi’s Arrest
After FIJ’s Story, Jumia Refunds N332,890 to Rivers Couple for Faulty TV
After 18 Months, NPF Completes Confessed Murderer Killaboi’s Extradition
SPECIAL REPORT: Nigeria’s Subnational Digital Business Reforms on Life Support Despite $68m Funding
Jumia, Vendor Deny Rivers Couple Warranty Benefit for Faulty TV Screen
US-Based ‘Car Dealer’ Defrauds Lagos Man of $7,525, Even Florida Attorney General Can’t Help
Subscribe
Be the first to receive special investigative reports and features in your inbox.