A Ukrainian researcher retaliating to Conti siding with Ukraine has dealt another devastating blow to the ransomware operation.
More internal conversations have been leaked, alongside the source for their ransomware, administrative panels and more.
The Ukrainian researcher,, who uses the Twitter handle @ContiLeaks leaked 393 JSON files containing over 60,000 internal messages on Sunday. The messages were taken from the Conti and Ryuk ransomware gang’s private XMPP chat server.
The conversations, which spanned from January 21st, 2021 to February 27th, 2022, provides a wealth of information on the cybercrime gang, including bitcoin addresses, the group’s business organisation, how they evade law enforcement and conduct their attacks and more.
On Monday, the researcher leaked Conti data, including an additional 148 JSON files containing 107,000 internal messages since June 2020, which is roughly when the Conti ransomware operation was first launched.
