Conti ransomware gang, which leaked ransomware victims’ data, has its own data leaked

Oh the irony.

Conti ransomware, which leaked ransomware victims' data, has its own data leaked

What is delicious irony to the cybersecurity community at large is a troubling embarrassment to a ransomware gang.

The notorious Conti ransomware group, which nailed its colours to the mast by publicly announcing its support for Vladimir Putin’s invasion of Ukraine, and threatened to launch cyber attacks against anyone who targeted Russia, has had its own data leaked.

Oh how embarrassing for the criminal gang who extorted millions from businesses by threatening to leak their data, that someone leaked some 160,000 messages between their members as well as their malware source code.

Sign up to our free newsletter.
Security news, advice, and tips.

I was many of many infosecurity commentators who was contacted via an anonymous email on February 27, with a link to logs of the Conti group’s internal chats.

An email which signed off with the cry of “Glory to Ukraine!” gave a “friendly heads-up” had “lost all their shit”:

Leak email

Further material has since been leaked from the @ContiLeaks Twitter account, thought to be run by a Ukrainian security researcher.

If you don’t have the time or inclination to read the last few years’ internal chat logs of a ransomware gang I can fully understand. Thankfully investigative journalist Brian Krebs has written a series of articles analysing the Conti group’s chats in some detail.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.