Jack Cable authored the first in-depth peer-reviewed research into the Conti leaks. We mapped over $80 million in new payments to Conti.
This paper was published in December as part of the APWG Symposium on Electronic Crime Research, for which we received the best paper award.
In February 2022, over 168,000 internal chat messages of the Conti ransomware group were leaked. Conti is one of the most prominent ransomware groups of all time. We sought to build a picture of Conti's (quite profitable) business based on on-chain analysis of Bitcoin payments.
To do so, we manually annotated all 666 Bitcoin addresses present in the leaks based on message context (our team included a native Russian speaker). We tagged each address as a salary, reimbursement, or ransom payment address.