Conti group apologizes for the Graff attack

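The Conti group's attack on the Graff jewelry company turned out to be a problem. The data pack published by this ransomware gang contained confidential information about Prince Mohammed bin Salman, a very important person in Saudi Arabia. Seeing their attack reach someone so highly placed, Conti decided to delete the information stolen from Graff from its servers.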

Conti attack on Graff

On Saturday, October 31, Conti ransomware attacked the luxury jewelry manufacturer Graff. They performed their “classic” attack, with file ciphering and data stealing. Among the clients of this company are such famous persons as Donald Trump, David Beckham, Sir Phillip Green, and a lot of Hollywood stars. However, what is most important, among these celebrities there was a member of the Saudi Royal Family: Mohammed bin Salman, the Crown Prince.

List of data that Conti stole from Graff network

The Conti ransomware group is known for its habit of putting stolen data up for sale in parts. In this case, only 1% of the information was posted, and fortunately, nobody has purchased it [1]. Why fortunately? Because, as was uncovered shortly after the attack, the information inside is so critical that law enforcement agencies all over the world would open cases against Conti. The affiliate who posted this information for sale did not check what exactly he was going to sell, which is why it caused so much disruption.

Why are databases from Graff so crucial?

Graff is known for selling to the richest people on the planet. The aforementioned celebrities who shopped there are perfect proof of that. But information about the purchases of world-famous people brings high risks with it. Any sort of data leak will uncover the purchases of royal families, politicians, or other celebrities. And it will be very easy to check whether a purchase was addressed to their family or somewhere else: for bribery, for example, or to a mistress.

The data leak created by Conti ransomware is a perfect example of such a situation. And while Hollywood celebrities could do nothing against this data breach, the Crown Prince, who is the minister of defense of Saudi Arabia, is able to start a serious campaign against Conti. You can see what happens then from the example of the REvil ransomware group. That’s why the fraudsters decided to apologize and delete the data stolen from Graff, just to avoid such a risk. Did anyone doubt that the safety of their own hide is the only thing they value?

Text of the Conti message with apologies:

Hello!
This is an important privacy and confidentiality announcement from the Conti Team.
As some of you may know, two weeks ago, we uploaded data from a company Graff on our blog.
This publishing, however, led to an in-depth investigation of the sample files by the Daily Mail. Daily Mail is a UK paper (not American Twitter 2-digit-IQ “journalism”), therefore, their analysis was done with the highest standards of reporting and uncovered things that we have unfortunately missed.
We found out that our sample data was not properly reviewed before being uploaded to the blog.
https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.html#comments
As a response to the investigation by Daily Mail, we will delete all Graff’s information from the blog, and will clarify our privacy and confidentiality policy.
1. Conti guarantees that any information pertaining to members of Saudi Arabia, UAE, and Qatar families will be deleted without any exposure and review. Our Team apologizes to His Royal Highness Prince Mohammed bin Salman and any other members of the Royal Families whose names were mentioned in the publication for any inconvenience.
2. Conti guarantees that besides the 1% files shared on our blog, there were no instances of exposure or sharing of the Graff Diamonds data. In other words, none of this information was sold on auctions or offered as samples, or revealed in any other capacity to any third party.
3. Conti guarantees to implement a more rigid data review process for any future operations.
We want to thank the Daily Mail for investigative coverage and great journalist work, especially regarding the US and UK individuals in the Graff files. As long as the truth is overt, it prevails! As for the Graff Diamond case, we will conduct our own review that will focus exclusively on US and EU citizens.
Our goal is to publish as much Graff’s information as possible regarding the financial declarations made by the US-UK-EU Neo-liberal plutocracy, which engages in obnoxiously expensive purchases when their nations are crumbling under the economic crisis, unemployment, and COVID. While the Nations of America and Europe are choked by lockdowns and totalitarian surveillance, the neoliberal elites of these states enjoy the luxury of a feast in time of plague.
Along with purchase statements on diamonds and $500,000 USD necklaces, we will publish financial declarations and money orders, so the public knows.
With this publishing, we also hope to raise awareness of the UK and EU governments who have regulations that legally prosecute the companies who can not protect their customer data. We also want to motivate these customers themselves to initiate legal action.
We hope to see more great coverage from Daily Mail!
Stay safe!
Kind Regards,
Conti Team

Aftermath of Conti attack on Graff

The only thing Conti lost in this event was the ransom for data deletion. They are widely known as a group of rascals with no shame or conscience. While a lot of other ransomware groups agreed to avoid attacking critical infrastructure, Conti kept going, attacking nursery houses, clinics and universities. In this case, they took a step back just because it could be dangerous for them. Yes, they have already committed enough attacks to get a one-way ticket to jail. But leaking data about a member of the Saudi Royal Family is almost equal to reaching the highest wanted level with law enforcement.

Perhaps the affiliate who managed this attack will be punished in one way or another. But there will be no global changes for Conti: the Russian group will just keep going, ignoring any rules and any morals.

[1] Another example of data being sold on the Darknet.
