A Ukrainian security researcher leaked the messages after the gang sided with Russia over the invasion of Ukraine.
BleepingComputer has independently confirmed the validity of these messages from internal conversations previously shared with BleepingComputer regarding Conti’s attack on Shutterfly.
Vitali Kremez, CEO of Advintel, has been tracking the Conti/TrickBot operation for the past two years and confirmed to BleepingComputer that the leaked messages were genuine, taken from a log server for the Jabber communication system used by the ransomware gang.
The messages contain information about the group’s activities, including private data leak URLs, bitcoin addresses, and even previously unreported victims.
One conversation involves the group questioning how BleepingComputer learned about the Shutterfly attack in December.