News

Conti ransomware gang data leaked by Ukrainian cyber researcher

The data includes internal chat logs between members and affiliates of the group, unveiling their personal details, conflicts, and accusations

28 Feb 2022

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 28 Feb 2022

Abstract silhouette of a computer hacker in front of a Russian flag

Shutterstock

A Ukrainian cyber researcher has unveiled data belonging to the notorious Conti ransomware gang.

The researcher had access to the gang’s systems and released the data after the group declared its support for Russia following the invasion of Ukraine, said Alex Holden, CTO of Hold Security, as reported by Bank Info Security. The researcher’s name cannot be shared.

The data is in JSON format and includes Jabber chat logs, Bitcoin addresses, and negotiations between ransomware victims and Conti attackers. A large part of the data is internal chat logs between members and affiliates of the ransomware group, which reportedly includes personal details, conflicts, and accusations.

There are also logs related to Trickbot, a botnet that has been used in the past to distribute the Conti ransomware, said Holden. The data range is from January 2021 to early February 2022.

Holden added that the Conti data is a must-read for any security professionals as it provides an insight into how early ransomware really works.

A group of malware researchers called VX-Underground has also taken a look at the data and shared it publicly after verifying it.

Conti ransomware group previously put out a message siding with the Russian government. Today a Conti member has begun leaking data with the message "Fuck the Russian government, Glory to Ukraine!"You can download the leaked Conti data here: https://t.co/BDzHQU5mgw pic.twitter.com/AL7BXnihza
— vx-underground (@vxunderground) February 27, 2022

News of the data leak comes as Ukraine unveils plans to create an “IT army” to fight against Russia’s digital intrusions. Mykhailo Federov, the country’s vice prime minister and minister of digital transformation, announced on Twitter that the government needs digital talents.

“There will be tasks for everyone,” he wrote. “We continue to fight on the cyber front. The first task is on the channel for cyber specialists.”

Cyber attacks on the Ukrainian government and soldiers increased last week following the invasion of the country by Russia. The attacks are part of Russia’s hybrid war strategy, where it is deploying destructive malware and denial of services. In the wake of the atacks, organisations have been urged to adopt an enhanced cyber security position.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1647524037/itpro/Whitepaper%20covers/Thumbnail_Accelerating_AI_modernisation.jpg { display: none !important; }

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1650973650/itpro/Whitepaper%20covers/Recommendations_AI_risks_thumb.png { display: none !important; }

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1655219614/itpro/Whitepaper%20covers/Intro_to_cloud_databases_thumb.png { display: none !important; }

Free Download

Powering through to innovation

IT agility drive digital transformation

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1655800725/itpro/Whitepaper%20covers/HCI_2.0_Powering_through_to_innovation.png { display: none !important; }

Free Download