To no one's surprise, the Conti ransomware gang announced its support for Russia following Putin's orders to invade Ukraine. But, considering that quite a few of their members are Ukrainian, it's easy to see how this announcement could have backfired.
Conti is one of the most notorious ransomware gangs in the world. They're believed to be operating out of Russia, with members from all over Eastern Europe.
Conti is responsible for many large-scale, international attacks. They are known to target critical infrastructure in Western countries, such as:
Government websites
Police stations
Businesses, and more.
The gang usually runs 'double extortion' attacks, stealing data and encrypting it. They then ask the victim to pay a ransom to retrieve the data.
Cybersecurity experts are certain that the gang has close ties with the Russian government. Considering the targets of their attacks, this isn't hard to believe.
If that's not enough, their initial stance on the Russia-Ukraine situation says it all. Less than a week after the invasion, Conti posted a message on the dark web announcing 'full support' for Russia. They also threatened Western countries that tried to intervene with cyberattacks.
After receiving heavy backlash, the group released a second, more neutral statement. Conti collaborates with members from all over the world, so taking such a hard stance on a sensitive topic probably wasn't the best idea.
The data leak was made available via email to various security researchers and reporters. The message also said that there would be additional leaks soon. For a detailed view of all leaks, check out @ContiLeaks on Twitter. The person behind this account is likely the leaker himself.
The leaker gained access to the gang's XMPP chat server. This will surely be a blow to Conti's reputation. It's not yet known who's responsible for the attack. The media calls the person responsible for the data leak a 'Ukrainian researcher.'
Considering the scale of the leaks, the perpetrator is likely a former member who switched sides. They were able to leak over 60,000 chats dating from January 2021. They also shared the source code the group uses for their attacks.
If a notorious cybercrime gang can fall victim to a data leak, then every individual on the planet is vulnerable. In Conti's case, the leak probably came from an insider. That's actually the most common scenario for data leaks across organizations. 94% of organizations have suffered some form of insider data breach.
But that's far from the only danger out there. Weak login credentials are also common in data leaking incidents.
Furthermore, outdated software leaves organizations vulnerable to malware, allowing threat actors to access valuable data. Phishing messages are also sent en masse to employees of targeted organizations in the hopes that one of them slips up.
Ironically, it's exactly these types of vulnerabilities that gangs like Conti look for in their victims.