- The chat records of the Black Ransomware group are enough were leaked in Telegram
- The filter says that this is an answer to the group that attacks Russian banks
- The data contains valuable information about how the group operates
The internal chat records that detail the internal functioning of the black ransomware group are enough online.
Apparently, an individual (or a group) with the alias of exploitation of exploitation has extracted the information of Matrix, a decentralized open source communication protocol used for safe and real -time messages. Matrix is often used for encrypted chats, which makes it popular among cybersecurity professionals, privacy defenders, but also, unfortunately, cybercriminals.
Exploit Shispers first uploaded the file to Mega, but after they demolished, they established a dedicated telegram channel and leaked it there.
Aimed at National Banks
“A place to discuss the most important news about Black Enough, one of the largest groups of health workers in Russia, which recently pirate national banks,” said Leakster in Telegram. “With such matters, we can say that they crossed the border, so we are dedicated to revealing the truth and exploring the next steps of Black Enough. Here you can find information in which I can trust and read everything the most important in a channel. “
Who is exploited is, they were not happy with what Black enough was doing in recent times. They can be a discontent member or a security researcher.
In any case, Black is supposedly pointed out to Russian banks, which did not sit well with them.
The leak covers the chats between September 2023 and September 2024, and contains valuable information about the internal structure of the group.
An individual named Lapa is one of the administrators. Cortes is a threat actor with links to the Qakbot group, Yy is the main administrator and Trump is the key figure. There are some indications that Trump’s real name could be Oleg Nefedov.
It also shows phishing templates, emails, cryptocurrency addresses, data falls, victims credentials and more.
Analyzing data dump, Bleepingcomputer said that the file also contains 367 unique zoometer links, which could indicate the number of companies directed during this period.
Through Bleepingcomputer
