Conti ransomware gang, which leaked ransomware victims’ data, has its own data leaked

Oh the irony.

 Conti ransomware, which leaked ransomware victims' data, has its own data leaked

What is delicious irony to the cybersecurity community at large is a troubling embarrassment to a ransomware gang.

The notorious Conti ransomware group, which nailed its colours to the mast by publicly announcing its support for Vladimir Putin’s invasion of Ukraine, and threatened to launch cyber attacks against anyone who targeted Russia, has had its own data leaked.

Oh how embarrassing for the criminal gang who extorted millions from businesses by threatening to leak their data, that someone leaked some 160,000 messages between their members as well as their malware source code.

Sign up to our free newsletter.
Security news, advice, and tips.

I was many of many infosecurity commentators who was contacted via an anonymous email on February 27, with a link to logs of the Conti group’s internal chats.

An email which signed off with the cry of “Glory to Ukraine!” gave a “friendly heads-up” had “lost all their shit”:

Leak email

Further material has since been leaked from the @ContiLeaks Twitter account, thought to be run by a Ukrainian security researcher.

If you don’t have the time or inclination to read the last few years’ internal chat logs of a ransomware gang I can fully understand. Thankfully investigative journalist Brian Krebs has written a series of articles analysing the Conti group’s chats in some detail.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.