• chevron_right

    Hackers with Conti cybercrime group are repurposing tools for attacks on Ukraine / ArsTechnica · Wednesday, 7 September - 23:30

Hackers with Conti cybercrime group are repurposing tools for attacks on Ukraine

Enlarge (credit: Getty Images)

Financially motivated hackers with ties to a notorious Conti cybercrime group are repurposing their resources for use against targets in Ukraine, indicating that the threat actor's activities closely align with the Kremlin's invasion of its neighboring country, a Google researcher reported on Wednesday .

Since April, a group researchers track as UAC-0098 has carried out a series of attacks that has targeted hotels, non-governmental organizations, and other targets in Ukraine, CERT UA has reported in the past . Some of UAC-0098's members are former Conti members who are now using their sophisticated techniques to target Ukraine as it continues to ward off Russia's invasion, Pierre-Marc Bureau, a researcher in Google's Threat Analysis said.

An unprecedented shift

"The attacker has recently shifted their focus to targeting Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations," Bureau wrote. "TAG assesses UAC-0098 acted as an initial access broker for various ransomware groups including Quantum and Conti, a Russian cybercrime gang known as FIN12 / WIZARD SPIDER."

Read 5 remaining paragraphs | Comments

  • chevron_right

    Leaked ransomware documents show Conti helping Putin from the shadows / ArsTechnica · Saturday, 19 March, 2022 - 10:45

Leaked ransomware documents show Conti helping Putin from the shadows

Enlarge (credit: Wired | Getty Images)

For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies . Despite direct pressure on Vladimir Putin to tackle ransomware groups, they’re still intimately tied to Russia’s interests. A recent leak from one of the most notorious such groups provides a glimpse into the nature of those ties—and just how tenuous they may be.

A cache of 60,000 leaked chat messages and files from the notorious Conti ransomware group provides glimpses of how the criminal gang is well connected within Russia. The documents, reviewed by WIRED and first published online at the end of February by an anonymous Ukrainian cybersecurity researcher who infiltrated the group, show how Conti operates on a daily basis and its crypto ambitions . They likely further reveal how Conti members have connections to the Federal Security Service (FSB) and an acute awareness of the operations of Russia's government-backed military hackers .

Read 11 remaining paragraphs | Comments

  • chevron_right

    Guerre Russie-Ukraine : que se passe-t-il avec les cybercriminels du gang Conti ? / Numerama · Friday, 4 March, 2022 - 13:11

Conti, un gang très actif, vient d’être victime d’une nouvelle fuite de données. On vous explique les conséquences de ce piratage qui bouleverse la sphère des cybercriminels. [Lire la suite]

Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité

  • chevron_right

    Conti cybergang gloated when leaking victims’ data. Now the tables are turned / ArsTechnica · Wednesday, 2 March, 2022 - 22:43

A skull and crossbones on a computer screen are surrounded by ones and zeroes.

Enlarge (credit: Getty Images )

For months, members of Conti—among the most ruthless of the dozens of ransomware gangs in existence—gloated about publicly sharing the data they stole from the victims they hacked. Now, members are learning what it’s like to be on the receiving end of a major breach that spills all their dirty laundry—not just once, but repeatedly.

The unfolding series of leaks started on Sunday when @ContiLeaks , a newly created Twitter account, began posting links to logs of internal chat messages that Conti members had sent among themselves.

Two days later, ContiLeaks published a new tranche of messages.

Read 13 remaining paragraphs | Comments