Garda cyber experts are trawling through thousands of digital records belonging to a notorious cyber gang behind the HSE cyberattack that were leaked online after it backed Russia’s invasion of Ukraine.
It is estimated that 60,000 messages belonging to the Conti gang were made public by a Ukrainian security researcher in response to the outfit siding with Russian president Vladimir Putin.
The Conti ransomware attack on the HSE crippled the health and wider social services computer systems for months after it was launched in May 2021.
Last October, the EU cyber agency (Enisa) cited the HSE attack as one of the major ransomware incidents in 2020 and 2021.
It said the Conti group, which is based in Russia, was considered to be the second most dominant player in what it said was a booming ransomware market.
It said, based on crowdsourced ransomware payment data, that Conti made the most financial gains in 2021 with payments in the order of $12.7m (€10.95m).
It said the group accounted for 10% of market share of ransomware incidents in the first three months of last year, putting it in second place.
The group has now been severely damaged after an internal row following a declaration by the gang that it was firmly siding with Russia in the war on Ukraine.
Experts believe that as a result a Ukrainian security researcher decided to dump more than 60,000 internal messages of the group.
These conversations, contained in 400 files, are said to contain information about the gang's activities, including previously unreported victims, bitcoin addresses, and discussions about their operations.
There are said to be English translations of the files.
Support the originator by clicking the read the rest link below.
