While Conti’s active operations had ceased, the server hosting RocketChat was still up, so the conversations after that were purely about Russia’s war in Ukraine. While it’s unclear exactly what happened, the announcement said that “close attention to the company from the outside has led to the fact that the boss apparently decided to lay low.” It added that Conti did not have enough money to pay everyone’s salaries and asked that they take two to three months of vacation. The chat logs also include a heavy dose of misogyny, including discussions of child sexual abuse content and jokes about rape, as well as antisemitism aimed at Ukrainian President Volodymyr Zelenskyy.Īlso on February 21, Conti announced internally to its employees that the leader of the criminal enterprise had gone into hiding. Members of the chat continually shared news updates that exaggerated Russia’s success so far in the war. The Russian hackers openly repeated Putin’s falsehoods as fact, such as that Ukraine is run by a “neo-Nazi junta” and that its government is seeking nuclear weapons. The conversations quickly turned political on February 21 when Putin announced that Russia recognized the separatist territories Donetsk and Luhansk in eastern Ukraine as independent nations, and on February 24 when Russian troops invaded Ukraine. While the #general channel had 160 users - Conti is a very large criminal enterprise - only a handful of these users actually posted messages during the monthlong period. Most of the recent messages are from the #general channel, a room where the hackers candidly discussed non-ransomware topics like drug use, pornography, cryptocurrency, an obsession with investigative journalist Brian Krebs, and occasionally technical topics. Logs of only some chat rooms appear to have been leaked. All time stamps from chat messages are in Coordinated Universal Time. As with any translations, there are sometimes multiple possible interpretations, so we are making the original Russian available here. We translated these messages using Google Translate and DeepL, and then a native Russian speaker manually corrected them.
PICS WONT POST IN ROCKETCHAT FULL
The messages are full of typos, slang, and a heavy use of mat - vulgar Russian profanity. The Intercept reviewed the most recent month of logs, focusing on those originating from RocketChat, a group-chat system similar to Discord or Slack, that Conti hosted on the anonymity network Tor. The logs span two years and multiple chat services and were released alongside training documentation, hacking tools, and source code. The logs were leaked late last month, reportedly by a Ukrainian security researcher, after Conti publicly announced its support for Putin’s invasion of Ukraine and threatened to retaliate against any cyber warfare targeted at the Russian-speaking world. Internal chat logs leaked from the notorious Russian ransomware gang Conti reveal unfiltered conversations between ultranationalist hackers in which they repeat Russian President Vladimir Putin’s conspiratorial lies about Ukraine, discuss the impact of early Western sanctions against their country, and make antisemitic comments about Ukraine’s Jewish president.
0 kommentar(er)
