One of the world’s most successful ransomware groups is reeling from a massive release of its own internal data after the cybercriminal gang aligned itself with the Russian government.
Conti, a cybercriminal group that researchers say is based in Russia, has extorted millions of dollars from U.S. and European companies in recent years. It provides affiliates around the world with malware that they deploy against victims in exchange for a cut of the ransom payments.
The data leak, which lays bare unprecedented details of attack infrastructure and Bitcoin addresses, as well as internal conflicts and accusations, might never have occurred if the ransomware group Conti had chosen to stay apolitical, said Alex Holden, chief information security officer for cybersecurity firm Hold Security LLC.