A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.
The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, and individuals worldwide. It’s part of his “fight against an organized society of criminals known worldwide,” GangExposed told The Register via Signal chat. He claims that he’s not interested in the $10 million bounty that the Feds have put up for information about one key Conti leader that he’s already named, as well as a second that he says will soon be identified on Telegram.
Read more…
Source: The Register News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Cyber Competition And Nonstate Actors In A Data-Rich World
September 21, 2020
Last year I got a parking ticket for lingering too long in a limited zone. Parking tickets are not sufficient reason to declare war on a city’s thinly veiled vehicular taxation scheme for the absentminded. And yet I wanted to. So instead of dutifully filling out the online payment form, I started searching for ways to ...
- Spammers use hexadecimal IP addresses to evade detection
September 18, 2020
A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP). Among the various technical details, RFC791 is also the standard that describes ...
- Patient dies after ransomware attack reroutes her to remote hospital in Germany
September 17, 2020
A woman seeking emergency treatment for a life-threatening condition died after a ransomware attack crippled a nearby hospital in Duesseldorf, Germany, and forced her to obtain services from a more distant facility, it was widely reported on Thursday. German authorities are investigating the unknown perpetrators on suspicion of negligent manslaughter, the Associated Press, German news outlet ...
- APT41 Operatives Indicted as Sophisticated Hacking Activity Continues
September 17, 2020
Five alleged members of the APT41 threat group have been indicted by a federal grand jury, in two separate actions that were unsealed this week. Meanwhile, the Department of Treasury also imposed sanctions on individuals and organizations associated with Iran-linked APT39. APT41 (a.k.a. Barium, Winnti, Wicked Panda or Wicked Spider) is known for nation-state-backed cyber-espionage activity as ...
- Maze ransomware now encrypts via virtual machines to evade detection
September 17, 2020
The Maze ransomware operators have adopted a tactic previously used by the Ragnar Locker gang; to encrypt a computer from within a virtual machine. In May, we previously reported that Ragnar Locker was seen encrypting files through VirtualBox Windows XP virtual machines to bypass security software on the host. The virtual machine would mount a host’s drives ...
- Mozi Botnet Accounts for Majority of IoT Traffic
September 17, 2020
The Mozi botnet, a peer-2-peer (P2P) malware known previously for taking over Netgear, D-Link and Huawei routers, has swollen in size to account for 90 percent of observed traffic flowing to and from all internet of things (IoT) devices, according to researchers. IBM X-Force noticed Mozi’s spike within it’s telemetry, amid a huge increase in overall ...