While Gizmodo hasn’t had the chance to dig through the tranche, the outlet Recorded Future described finding everything from Bitcoin addresses where Conti members received payments, and messages containing ransom negotiations between Conti and its victims. As of mid-2021, the group had raked in over $25 million in ransomware payouts from more than 100 victims and has targeted companies like Shutterfly as well as law enforcement and healthcare systems around the world.
This likely won’t be the last example of infighting we’ll see from the cybercriminal community, which has always been pretty vibrant in both Russia and Ukraine.
Since Russia began invading its neighbor though, some of these groups—like Conti, Sandworm, and even Anonymous—have begun picking sides between the two countries. Yesterday, Ukraine stepped this up a notch by unleashing its “IT Army”: close to 200,000 volunteers across cybersecurity that are working to shut down various parts of Russian infrastructure, like the websites for Russia’s parliament. Russia, meanwhile, has reports of vigilante hackers working across the country to take down Ukrainian government websites and poach data from civilians.
Advertisement