Shortly before the start of the Russian attack on Ukraine, there was a report that three-quarters of all ransomware ransoms go to Russia. So it’s no surprise that the ransomware group Conti is siding with Russia, with consequences. Ransomware is first and foremost big business, and most of the money extorted in this way goes to Russia.
It can therefore be assumed that most of the extortionists are based in Russia. But in the course of the attack on Ukraine, ransomware groups have also become politicized, apparently to the dismay of Ukrainian members and partners. According to Bleeping Computer, Ukrainian security researcher Vitali Kremez reported receiving and publishing more than 60,000 internal messages from the Conti ransomware group. Bleeping Computer confirms the authenticity of the chats, as they can be compared to messages received from a previous Conti attack on Shutterfly.
There are almost 400 JSON files in total, containing a good 60,000 messages going back to January 21, 2021. This means that this is not a complete archive of the group's extortion activities, as Conti started operating in July 2020.
A wealth of information
Still, it gives good insight into how one of the major ransomware groups operates, including previously unreported or unknown victims, URLs of private data breaches, bitcoin addresses, and general discussion of Conti activities.
Experts and security researchers are currently analyzing the messages, and of course they want to, and will, make the group's activities more difficult or even prevent them altogether. Law enforcement agencies will also receive important information about Conti’s internal processes.