Russian ransomware Operator Conti has leaked thousands of confidential internal chat logs to journalists, law enforcement and cybersecurity researchers, apparently by a disgruntled employee.
The leak reportedly comes in retaliation for the group, which recently decided to side with the Russian government after invading Ukraine.
The news was first broken by Beeping computerstating that in the first days of the invasion, the ransomware group released a brief announcement expressing its full support for the Russian government and threatening any cybersecurity or cybercrime groups that decide to use their capabilities to attack the Russian to disrupt surgery.
Bitcoin addresses and previously unreported victims
However, Conti appears to have many Ukraine-based subsidiaries, and after what appeared to be a violent backlash, the group changed stance, condemning the ongoing war and claiming to take no sides. However, she added that she will use her full force in the fight against “Western warmongering and American threats.”
The yet-to-be-named Ukrainian culprit behind the leak said the Conti gang “lost all their shit” before filing more than 60,000 internal chat messages, the authenticity of which has now been confirmed by independent cybersecurity researchers.
> Meyer hit by ransomware attack, affecting thousands of employees
> Shutterfly hit by Conti ransomware attack
> Ransomware: an evolving threat
So far, the media has only shared relatively innocuous chat transcripts to prove the leak’s authenticity.
However, there seems to be a lot of dirty laundry under the chat logs, some of which could even lead to arrests. Initial investigations suggest that the chat logs reveal details such as previously unreported victims, private data leak URLs, bitcoin addresses, and discussions about their operations.
Conti is an active ransomware group that recently hit American cookware distributor Meyer and stole sensitive employee data. The group appears to have taken the full names, physical addresses, dates of birth, gender and ethnicity information, social security numbers, health insurance and health information of employees, random drug screening results, Covid vaccination cards, driver’s licenses, passport details, government ID numbers, Permanent residence cards, immigration status information, and dependents information.
It has also been reported that some of the top members of the infamous TrickBot malware The family has also recently joined the ranks of Conti.
- Here’s our rundown of those best antivirus software at the moment
This article was previously published on Source link