[German]The Russian invasion of Ukraine has had an unexpected effect on cyber security. First there were serious cyberattacks on facilities in Ukraine. Then the Conti ransomware gang claimed responsibility for the Russian government and threatened retaliation for cyberattacks on Russian facilities. Now, a hacker from Ukraine who has access to the chat server has made more than 60,000 chats public and plans to publish more material.
Advertising
The topic has been reported on Twitter for hours. Colleagues at Bleeping Computer have documented the story in a series of tweets and in this article.
Depending on the medium, a security researcher, a hacker, or a member of the Conti ransomware group is blamed as the source for the publication of the internal chat logs. In any case, it is certain that this person is close to Ukraine and must have been furious about the Conti gang's announcement that it would champion the cause of the Russian government. vx-underground published the message from the source in question to journalists on Twitter.
On the one hand, the whole thing is a serious blow for the cybercriminals, whose internal details thus become public. On the other hand, it is a stroke of luck for security researchers and prosecutors, as the chat logs provide a deep insight into the processes within the ransomware gang. This is a group of cybercriminals who participate in ransomware-as-a-service and share the workload.
Thus, not only payment flows become known through the data leak. Law enforcement can also analyze which victims paid ransom and did not report a ransomware attack. In some countries, ransomware payments are simply prohibited or require government approval. It remains exciting to see what else Tweets und in diesem Artikel mehr Details.
Advertising
