A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.
The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, and individuals worldwide. It’s part of his “fight against an organized society of criminals known worldwide,” GangExposed told The Register via Signal chat. He claims that he’s not interested in the $10 million bounty that the Feds have put up for information about one key Conti leader that he’s already named, as well as a second that he says will soon be identified on Telegram.
Read more…
Source: The Register News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
February 28, 2020
Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward. That’s according to Christopher Krebs, director of CISA, speaking at RSA Conference 2020 this week. “My agency ...
- Roaming Mantis, part V
February 27, 2020
Kaspersky has continued to track the Roaming Mantis campaign. The group’s attack methods have improved and new targets continuously added in order to steal more funds. The attackers’ focus has also shifted to techniques that avoid tracking and research: whitelist for distribution, analysis environment detection and so on. We’ve also observed new malware families: Fakecop (also ...
- Ransomware Hits U.S. Electric Utility
February 27, 2020
The Reading Municipal Light Department (RMLD) was infected with ransomware, as revealed in a statement by the electric utility. RMLD did not disclose the details on how their system was infected or the demands of the group behind the malware. There was also no indication of plans to pay ransom to the threat actors. RMLD is an electric utility in ...
- Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT
February 24, 2020
Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have cost victims across a variety of industry verticals many millions of dollars in ransom and ...
- ObliqueRAT linked to threat group launching attacks against government targets
February 21, 2020
Researchers have uncovered a new Remote Access Trojan (RAT) that appears to be the handiwork of a threat group specializing in attacks against government and diplomatic targets. On Thursday, Cisco Talos researchers said the malware, dubbed ObliqueRAT, is being deployed in a new campaign focused on targets in Southeast Asia. The latest campaign started in January 2020 and ...
- Croatia’s largest petrol station chain impacted by cyber-attack
February 20, 2020
A security incident described as “a cyber-attack” has crippled some business operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain. The attack took place last Friday, on February 14, at 22:00, local time, the company said. Multiple sources have told ZDNet the cyber-attack is a ransomware infection that infected and then encrypted ...