Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Researcher leaked Conti’s internal chat messages in response to its support to Russia

A Ukrainian researcher leaked tens of thousands of internal chat messages belonging to the Conti ransomware operation. A Ukrainian researcher leaked 60,694 messages internal chat messages belonging to the Conti ransomware operation after the announcement of the group of its support to Russia. Researchers from cybersecurity firm Hold Security confirmed that the researcher was able to access […]

Conti chats

A Ukrainian researcher leaked tens of thousands of internal chat messages belonging to the Conti ransomware operation.

A Ukrainian researcher leaked 60,694 messages internal chat messages belonging to the Conti ransomware operation after the announcement of the group of its support to Russia.

Conti chats

Researchers from cybersecurity firm Hold Security confirmed that the researcher was able to access the database XMPP chat server of the Conti group.

The leak was also reported by the popular malware researcher Vitali Kremez through BleepingComputer.

The messages are only related to chat conversations since January 21, 2021, their analysis coulg give analysis precious information about the operations conducted by the group, including unreported victims due to private deals with companies that opted out to pay the ransom avoid the public disclosure of the security breach.

These conversations contain various information about the gang’s activities, including previously unreported victims, private data leak URLs, bitcoin addresses, and discussions about their operations.

BleepingComputer reported the existence of conversations about TrickBot’s Diavol ransomware operation and 239 bitcoin addresses containing $13 million in payments.

Clearly the attack against the Conti ransomware and the data leak is a retaliation for its support for the Russian invasion of Ukraine. The attack will have a significant impact on the operation of the gang, considering also that many Conti’s affiliates are Ukrainian groups.

The researchers who leaked the data belonging to Conti’s communications announced more dumps are coming.

Ukraine is recruiting a volunteer IT army of cyber security experts and white hat hackers to launch cyberattacks on a list of Russian entities. The list is composed of 31 targets including Russian critical infrastructure, government agencies, banks, hosting prividers.

Ukraine’s Minister for Digital Transformation Mykhaylo Fedorov called to action against Russia attempting to create an “IT Army” to launch a massive offensive against Russia.

A Telegram channel was used to coordinate the efforts and plan the cyber-attacks that will be conducted by the IT Army.

Below a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective.

https://securityaffairs.co/wordpress/128478/cyber-warfare-2/russian-invasion-of-ukraine-timeline.html

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Conti Ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]