What is delicious irony to the cybersecurity community at large is a troubling embarrassment to a ransomware gang.
The notorious Conti ransomware group, which nailed its colours to the mast by publicly announcing its support for Vladimir Putin’s invasion of Ukraine, and threatened to launch cyber attacks against anyone who targeted Russia, has had its own data leaked.
Oh how embarrassing for the criminal gang who extorted millions from businesses by threatening to leak their data, that someone leaked some 160,000 messages between their members as well as their malware source code.
I was one of many infosecurity commentators who were contacted via an anonymous email on February 27, with a link to logs of the Conti group’s internal chats.
An email which signed off with the cry of “Glory to Ukraine!” gave a “friendly heads-up” that the Conti gang had “lost all their shit”.
Further material has since been leaked from the @ContiLeaks Twitter account, thought to be run by a Ukrainian security researcher.
If you don’t have the time or inclination to read the last few years’ internal chat logs of a ransomware gang, I can fully understand. Thankfully, investigative journalist Brian Krebs has written a series of articles analysing the Conti group’s chats in some detail.