Learn the 4 new features which will be coming to the Cloud throughout 2022, and what this means...Find out more
Ransomware Gang Conti and Ukraine
The group known as Conti got their name from the Conti ransomware that has been observed since 2020. The group is mainly made up of Russian and Ukrainian cybercriminals.
A large majority of the group was recently banned from a vast array of hacking forums; in retaliation for the Russian invasion of Ukraine.
One of the EU Raidforums published a notification saying that it would impose its own sanctions; by banning any users that were attempting to connect from Russia.
One member of the RaidForums community published a stern message as a warning to “Russians.”. The users posted a database with emails and hashed passwords for the FSB.ru domain (the domain of Russia’s main security agency, the Federal Security Service formerly known as the KGB.)
The user posted this in retaliation to the Conti ransomware gang; issuing a warning that they would respond to cyber activity against Russia using all their resources “to strike back at the critical infrastructure of an enemy.”
Conti is one of the larger ransomware gangs in the industrial sector; being responsible for over 63 breaches of Industrial Control Systems.
Once Conti publicly announced that they were siding with Russia in this conflict, they got the attention of other cybercriminals who support Ukraine in this conflict.
On the 27th of February 2022, it was publicised that a Ukrainian security researcher linked over 60,000 internal messages, between members of the Conti ransomware gang.
The majority of these messages were contained in 393 leaked JSON files; dating back to the 21st of January 2021.
These conversations contain various chats about the gang’s activities including unreported victims, private data leak URLs, Bitcoin, addresses, wallets, and discussions about previous and ongoing operations.
These leaked messages are a severe blow to Conti’s operations providing sensitive intelligence to researchers and law enforcement about the internal operations and processes of Conti.
The Russian invasion of Ukraine has led to hackers, ransomware gangs and security researchers picking sides in the conflict.
While some ransomware gangs like Conti have decided to side with Russia and other collectives like Anonymous siding with Ukraine; other groups such as LockBit are staying neutral for the time being.
Ukraine has requested the assistance of volunteer researchers and hackers to join their “IT Army” to conduct cyber-attacks on Russian targets; so far this “IT Army” has a list of 31 public targets in Russia that they are targeting.
As for the Conti ransomware gang, while these leaks are embarrassing, I don’t suspect that their operations will slow down any time soon; and for the time being, they seem to be protecting Russian infrastructure rather than attacking Ukrainian.
If you want to learn more about cyberattacks, read our blog on the most common types of cyberattacks:
Review TextTestimonial #1
Review TextTestimonial #2
Review TextTestimonial #3
Stephen SawleyBeing partnered with WPC is a joy. Their level of service and turnaround is exceptional. As is every member of the support team that I am in contact with. Savvy support and great to work with!
Mark GWe have been using Workplace Connect for around 2 years now, and have found them to be a great company to work with. The change over from our last provider was seamless, and we have enjoyed an uninterrupted service since then. They are always available to assist with any enquiries, and deal with all matters promptly. I wouldn't hesitate to recommend them to other businesses.
Elliot AzimI have worked with this company for over 4 years and can safely say that the customer service is second to none. The staff go above and beyond to assist with clients and suppliers and are always very friendly and responsive. I would highly recommend Workplace to anyone looking for a quality IT partner.
For more resources, click the link below