Written by AJ Vicens
Apr 15, 2022 | CYBERSCOOP
In late February, a Ukrainian researcher with longtime access to Conti’s internal chats and files began leaking them online, exposing in intricate detail the ways in which one of the most prolific cybercrime syndicates operated.
In the weeks since, voluminous reporting has picked the files apart, offering an unprecedented view into the sprawling and sophisticated operation behind the group, even as Conti, mostly known for its prolific ransomware attacks on targets around the world, chugged along. Research out Friday suggests an even bigger and more complex network associated with the group.
The research suggests strong connections between Conti — and an associated ransomware strain known as Diavol, which is part of the highly lucrative TrickBot malware family — and Karakurt, a cyber extortion group that’s attacked dozens of targets around the world since first emerging in August 2021.
According to joint research from cybersecurity firm Arctic Wolf’s Tetra Defense, Chainalysis and Northwave, Karakurt may represent an effort at business-model diversification for Conti, or at the very least is condoned by and connected financially and otherwise to the group. The findings reveal that the web of sophisticated operations