Written by Suzanne Smalley
Mar 7, 2022 | CYBERSCOOP
A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web.
In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to “strike back” at any entities that organized “any war activities against Russia.”
But ten days after the leaks began, Conti appears to be thriving.
Experts say the notorious ransomware gang has pivoted all too easily, replacing much of the infrastructure that was exposed in the leaks while moving quickly to hit new targets with ransom demands. According to Vitali Kremez, CEO of the cybersecurity firm AdvIntel, by Monday morning Conti had successfully completed two new data breaches at U.S.-based companies.
“Conti is back and still operational and will pursue more targets,” Kremez said. “They’re safe and sound.”
Kremez and other experts said that in the days after the chats first leaked on Feb. 27, Conti may have been