Cyber Bites

A Ukrainian researcher retaliating to Conti siding with Ukraine has dealt another devastating blow to the ransomware operation. More internal conversations have been leaked, alongside the source for their ransomware, administrative panels and more. The Ukrainian researcher,, who uses the Twitter handle @ContiLeaks leaked 393 JSON files containing over 60,000 internal messages on Sunday. The messages were taken from the Conti and Ryuk ransomware gang's private XMPP chat server. The conversations, which spanned from January 21st,...

Nvidia has admitted that employee and internal data was stolen in an apparent ransomware attack last week. The chip behemoth initially gave little away, announcing only that its  “business and commercial activities continue uninterrupted” while the attack was investigated. A new statement provided more information: "Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement. We have no evidence of ransomware being deployed on the Nvidia...

Toyota, the worlds largest car maker has stopped production at all of its plants in Japan following a ransomware attack, reports suggest. Toyota announced it would suspend 28 production lines at 14 factories on Tuesday, planning to resume on Wednesday, according to Nikkei. The report claimed that the cyberattack targeted Kojima Industries, a plastic parts provider and threatened to extend into Toyota's IT systems via its "Kanban" just-in-time production control system. Cyber-experts are reportedly on-site...

The international hacking organisation Anonymous have claimed responsibility for taking down Russian media sites. Among those affected were  the state-owned news agency TASS and daily newspaper Kommersant, having been temporarily taken offline on Monday, while St Petersburg-based news outlet Fontanka’s content was replaced with a message that read, “This is not our war, let’s stop it!” The message also read: “Putin makes us lie and puts us in danger. We were isolated from the whole...

Hackers endorsed by Kyiv officials have claimed responsibility for a cyberattack on the Moscow Stock Exchange.  The website for the Moscow Stock Exchange was offline and inaccessible on Monday. The Ukraine IT Army posted a message on Telegram claiming that it had taken only five minutes to take down the website. The hackers claiming responsibility are a crowdsourced community, likely recruited through online forums.  A spokesperson for global internet connectivity tracking company NetBlocks told Forbes: “We can confirm...

In response to several Russian cyberattacks on the country, Ukraine's Vice Prime Minister and Minister of Digital Transformation Mykhailo Fedorov requested help from SpaceX and Tesla billionaire Elon Musk. Responding on Twitter, Musk confirmed  "Starlink service is now active in Ukraine. More terminals en route." SpaceX's low-earth-orbit (LEO), high speed, low latency internet service, which is considered more reliable than traditional broadband, is now available country-wide. The move makes it impossible for Russia to fully...

Nick Clegg, VP of global affairs for Meta, announced yesterday that the firm has restricted access to several accounts in Ukraine at the request of its government. “We are also reviewing other government requests to restrict Russian state-controlled media. In the meantime, we will continue to label and fact check these outlets as well as prohibit ads and demonetise their accounts globally,” he said. “The Ukrainians have also suggested that we remove access to Facebook...

A Ukrainian security researcher leaked the messages after the gang sided with Russia over the invasion of Ukraine. BleepingComputer has independently confirmed the validity of these messages from internal conversations previously shared with BleepingComputer regarding Conti's attack on Shutterfly. Vitali Kremez, CEO of Advintel, has been tracking the Conti/TrickBot operation for the past two years and confirmed to BleepingComputer that the leaked messages were genuine, taken from a log server for the Jabber communication system...

An NBC News report suggests that the US could be preparing for its most significant cyber offensive campaign in recent memory as Biden considers his options for action against Russia. The report cites two US intelligence officials, one Western intelligence official and an unnamed person, claiming that a "menu" of options have been placed in front of the President. Options include taking down Russia's internet connectivity or disrupting power supplies and railway infrastructure to impact...

Ukraine's government has reportedly called for volunteers with hacking skills to aid in the protection of the country's critical infrastructure. Reuters reported on February 24 that government-backed notices have appeared in online forums. Co-founder of Cyber Unit Technologies and major Ukrainian promotor of ethical hacking Yegor Aushev told the news agency that he wrote the post following a request from a Senior Defence Ministry official/ Another individual involved in the scheme confirmed that the request...