Russian Ransomware Group Credentials Leaked In Supposed Revenge Act: CNBC

  • According to a security researcher, Conti, a prolific Russian ransomware group born in 2020, amassed 350 members who collectively made $2.7 billion in cryptocurrency in only two years, CNBC reports.
  • A post by the group siding with Russia led to a leak of details about its size, leadership, and business operations, along with its ransomware source code, on February 28, four days after Russia's invasion of Ukraine.
  • Soon after the post, someone opened a Twitter Inc (TWTR) account named "ContiLeaks" and started leaking thousands of the group's internal messages alongside pro-Ukrainian statements, CNBC notes.
  • The leak appeared to be an act of revenge prompted by a post that Conti published in the wake of Russia's invasion.
  • The leak helped cyber specialists realize that Conti operated like a regular tech company.
  • Conti had precise management, finance, and human resource functions, along with a classic organizational hierarchy in which team leaders reported to upper management.
  • The messages indicated that Conti had physical offices in Russia and probably had ties to the Russian government.
  • The specialists said it would have been impossible to sustain the infrastructure without government support.
  • The FBI warned that Conti's ransomware was among "the three top variants" that targeted critical infrastructure in the U.S. in 2021.
  • Conti most frequently targeted the Critical Manufacturing, Commercial Facilities, and Food and Agriculture sectors.