Not everyone supports Ukraine, which is being invaded by Russia. Some support Russia in this invasion, including the Conti hacker gang, whose name is already well known.
However, that support has now backfired on Conti: the gang members' conversations with various parties have been leaked to the public, as reported by The Verge, Tuesday (1/3/2022).
Last Friday (25/2/2022), the Conti gang surprised many by explicitly declaring its support for the government of President Vladimir Putin. Conti threatened to retaliate for cyberattacks against Russia with multiple attacks on the perpetrators' critical infrastructure.
But two days later that stance backfired, when someone leaked to various parties a cache of the gang's conversations going back years. The cache revealed information that had never been known to the public.
The leak revealed at least 20 accounts used by Conti members on an open source chat service called Jabber. The conversations show a chain of command linking Conti with Russian intelligence services.
According to Christo Grozev, executive director of Bellingcat, an open source intelligence research agency, the chat log revealed that Conti members had tried to hack Bellingcat contributors on orders from the FSB, Russia's main security agency.
Russia's own reputation in cybersecurity has so far been anything but clean. It is often criticized for protecting many cybercriminals, but there has never been strong evidence to support that.
The Conti #ransomware operation sides with Russia and threatens attacks on critical infrastructure. pic.twitter.com/L8E7lEW1MJ
— Brett Callow (@BrettCallow) February 25, 2022
Conti's chat log was reportedly distributed by a security researcher from Ukraine who had successfully penetrated Conti's network. At least that is what Alex Holden, the founder of cybersecurity firm Hold Security, who hails from Ukraine, says.
"This is a Ukrainian citizen, a legitimate cybersecurity researcher, who is carrying out his role in the fight against cybercriminals supporting the Russian invasion," said Holden, who declined to reveal the hacker's identity for security reasons.
Oh yes, the chat log also revealed the Bitcoin address Conti used to receive ransom payments for the ransomware it spread, as well as Conti's negotiations with various companies that were victims of ransomware.