Conti Ransomware Group's Internal Messages Leaked Amid Ukraine Conflict
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
In 2022, the Conti ransomware group experienced a major internal collapse, leading to the leak of over 300,000 internal messages. These messages revealed the group's operations and internal conflicts, particularly in response to Russia's invasion of Ukraine. Conti, which made an estimated $180 million in 2021, targeted various organizations, including the Irish Health Service Executive, demanding $20 million to restore services. The leaked communications showed members discussing their attacks and expressing disagreements about the group's direction, especially regarding their stance on the war. The fallout from the invasion led to a significant rift within the gang, culminating in the public leak of their communications. This incident has provided unprecedented insight into the workings of one of the most notorious ransomware groups.
Key Points: • Conti's internal messages were leaked, revealing operational details and conflicts. • The group extorted millions, including a $20 million demand from the Irish Health Service Executive. • Internal disagreements arose over the group's support for Russia during the Ukraine invasion.