Ukraine war: One of the world's most successful ransomware groups is reeling from a massive dump of its own data after the cybercriminal gang aligned itself with Russia.
Conti, a cybercriminal group that researchers say is based in Russia, has extorted millions of dollars from U.S. and European companies in recent years. It provides affiliates around the world with malware that they deploy against victims in exchange for a cut of the ransom payments.
The data leak, which lays bare unprecedented details of attack infrastructure, Bitcoin addresses, as well as internal conflicts and accusations, might never have occurred if the ransomware group Conti had chosen to stay apolitical, said Alex Holden, the chief information security officer for cybersecurity firm Hold Security LLC.
“The main thing is that the gang itself contained a number of Ukrainians, it did not differentiate between its members,” Holden said. That changed last week after Russian forces attacked Ukraine, shelling military airbases, attacking checkpoints and killing at least 137 Ukrainian troops.
While the Russian ground invasion played out on television screens around the world, a cyber conflict has unfolded in parallel. Hackers on both sides of the conflict launched distributed denial-of-service (DDoS) attacks, which overwhelm a site with traffic, to knock government websites offline.
By the end of last week, Conti surprised many by firmly planting itself in Russian President Vladimir Putin’s camp, saying it would use “all possible resources to strike back at the critical infrastructures of an enemy.” The announcement caused a fissure within the group, cybersecurity analysts told Bloomberg News, which counts members from Russia and Eastern Europe among its members and