While Anonymous declared cyberwar on Russia, Conti hackers publicly announced their full support for the government of Vladimir Putin while the Russian army is currently invading Ukraine.
Conti supports Russia in its war against Ukraine
The war is undoubtedly taking place in the real world, but also in the virtual world, with several major players fighting against each other. The infamous Conti hackers decided to show their support for Russia in a public statement. The group behind this ransomware “threatens the Western camp with retaliation on critical infrastructure”. Shortly after this announcement, a Ukrainian researcher unveiled documents on the internal discussions of the Conti group: valuable data on the operation of cybercriminals.
Conti ransomware group previously put out a message siding with the Russian government.
Today a Conti member has begun leaking data with the message “Fuck the Russian government, Glory to Ukraine!”
You can download the leaked Conti data here: https://t.co/BDzHQU5mgw pic.twitter.com/AL7BXnihza
— vx-underground (@vxunderground) February 27, 2022
For several months, this unnamed researcher carefully observed and analyzed the discussions of Conti hackers. For 13 months, he tried to understand the functioning of the group. Today, he is taking advantage of Conti’s support for the Russian government to make this data public. The data is in JSON format and includes Jabber chat logs, bitcoin addresses, and negotiations between ransomware victims and Conti attackers. Most of the information collected corresponds to internal discussions between Conti members and affiliates. It reveals personal details, conflicts and accusations.
An ideal cover for the Russian government?
This is a veritable goldmine for cybersecurity experts. The data will allow them to better understand how cybercriminals operate. According to a recent study, Conti is the largest hacker group in the world in terms of revenue generated from ransomware in 2021. In the past year, the hackers generated almost 200 million euros in revenue. It must be said that 2021 was a very intense year in the ransomware domain. The firm Chainalysis is even convinced that it was the most prolific year of all time for hackers.
It is difficult to say whether Conti’s rallying to the Russian government is genuinely motivated by patriotic feeling. According to Michael DeBolt, the head of intelligence at Intel 471, “it is possible that Conti will be directed and used as a cover by the Russian government to deploy attacks against American and Western critical infrastructure”. Since President Biden has warned that the United States will respond with serious cyberattacks to any offensive targeting its critical infrastructure, using Conti as cover would allow the Russian government to achieve its goals while denying its involvement.