Thousands of internal chat logs of Russian ransomware operator Conti have been leaked to journalists, law enforcement and cybersecurity researchers by an apparently disgruntled employee. The leak is said to have come in retaliation for the group that chose to side with the Russian government after its recent invasion of Ukraine.
The news was first reported by BleepingComputer, which said the ransomware group had issued a short notice in the early days of the invasion that said it would use its full support and skills to the Russian government to threaten cybersecurity or cybercriminal groups that decided to use their skills to disrupt the Russian operation.
Conti is known to have multiple Ukraine-based affiliates, and the as-yet-unnamed Ukrainian behind the leak allegedly said the Conti gang had “completely lost their mind” before revealing more than 60,000 internal chat messages, authenticated by independent cybersecurity researchers. is being done.
For now, the media has only shared relatively “benign” chat logs to prove the authenticity of the leak. However, there seems to be a lot of dirty laundry among the chat logs, some of which could even lead to arrests. Initial investigations show that chat logs reveal details such as previously unreported victims, private data leak URLs, bitcoin addresses and discussions about their operations.
Conti is an active ransomware group and had recently stolen sensitive employee information by targeting the American Meyer. The Group includes the full names, physical addresses, dates of birth, gender and ethnicity information, Social Security numbers, health insurance information and medical condition data of Meyer employees, random drug screening results, Covid vaccine cards, driver’s licenses, passport data, government identification numbers, He was able to obtain permanent residency cards, immigration status information, and information on your dependents.
Also, some of the best members of the infamous TrickBot malware family have reportedly recently joined Conti’s ranks…