Data released by Conti, a pro-Putin ransomware group

Diffusi i dati di Conti, gruppo ransomware pro-Putin thumbnail

After declaring your alliance with Putin and the invasion ofUkrainethe Wizard Spider group, creator of Conti ransomware, saw their private online chats published. A retaliation by another group of hackers against the ‘gang’ pro-Putin.

Data from Wizard Spiders, the Conti ransomware group that supports Putin, has been released

The Russian invasion of Ukraine brought before all the images of bombs and weapons, of the victims of this terrible conflict. But the battle is also fought online, with cyber warfare that continues to be at the center of the news.

Last Friday, the gruppo Wizard Spiders, notorious for spreading ransomware Conti which forced several public and private entities to pay ransoms, its own said proximity to the Kremlin. Several experts have reported on Twitter the statement that reads: “The Conti Team officially announces full support for the Russian government. If any organization decides to carry out a cyberattack or any war activity against Russia, we will use all the capabilities at our disposal to target the enemy’s critical infrastructure.

Two days later, Sunday 27/02, some anonymous individuals online have posted a series of chats between i members of the organizationrevealing a lot of information on how the group works internally.

For the moment there is still no certain information on who may have published the information. But come on report of one of our users we have been able to ascertain that the first reconstructions speak of a infiltrated. The “white hat” hacker of origin Ukraine he would have managed to infiltrate the criminal organization, only to reveal all the data of the group once he had sided with Putin.

Contacts with the Kremlin

In the unveiled documents there are at least a year of conversations stolen from the open-source messaging application Jabber, with at least 20 chat names belonging to the members. Some of these conversations connect members of the Accounts group directly to spy agencies Russian.

Russia has received several allegations in the past years for covering up and protecting hackers in the past. But these may be the first direct evidence of a involvement of the FSB and the Kremlin in these international illegal activities.

It also appears to have been the addresses of some Bitcoin deposits obtained as ransoms. That could lead Interpol and the FBI to seize part of the funds embezzled in past years. However, all information has come from anonymous sources and obtained illegally, so the agents’ work is far from over.

But it appears that siding with Putin could cost the entire Conti ransomware operation to Wizard Spiders.