Business News

Dow Jones futures: stock market rallies on “nimble” Fed; 5 chip stocks near buy points; SNOW stock collapses late

Dow Jones futures fell slightly on Thursday morning, along with S&P 500 and Nasdaq futures, as crude oil prices continued to rise. The stock market rally attempt showed strong gains on Wednesday. Fed chief Jerome Powell promised to be “agile” in raising interest rates, while a possible new round of peace talks between Russia and Ukraine also helped.


Shares of SNOW collapsed overnight. Snowflake (SNOW), a highly valued, unprofitable cloud storage company, beat views, but revenue growth slowed and its fiscal 2023 guidance was not good enough to satisfy investors. On February 10-11, Snowflake shares tried to move above their 50-day line, but were rejected. SNOW shares could now test their lowest level since May 2021 after the IPO.

Micron Technology (MU) and Rambus (RMBS) flashed early buy signals in Wednesday’s session, while Axcelis Technologies (ACLS) is on the verge of doing so. Other chip plays close to being actionable include Alpha and Omega Semiconductor (AOSL) and Broadcom (AVGO), which reports earnings late Thursday.

Meanwhile, Apple shares have risen steadily, moving toward their 50-day line and various buy points. Apple (AAPL) on Wednesday announced a product event on March 8, with a cheaper 5G iPhone among the expected offerings.

Fed chief Powell told Congress that he still supports raising interest rates in March, but promised to be “agile” amid the “highly uncertain” economic consequences of the crisis in Ukraine. Powell also said he supported a quarter-point move at the Fed’s meeting on March 15-16, which appears to take a half-point increase off the table.

Russia and Ukraine have signaled that they are open to new peace talks, but neither side appears ready to settle. Russia continues to expand its invasion of Ukraine as indiscriminate bombings increase civilian deaths in major cities. Fuel, food and other logistics remain a major problem for Russia’s invading forces, according to US defense officials. Russian troops and equipment appear to have suffered significant losses, largely due to logistical shortcomings.

MU stock is on IBD Leaderboard. Alpha & Omega and ACLS stock are on the IBD 50 list. Micron and AOSL stock were IBD Stock Of The Day selections this week.

The video embedded in this article discusses the day’s strong market gains, while analyzing Oneok (OK), Mosaic (MOS) and Micron stocks.

Dow Jones futures today

Dow Jones futures fell 0.15% vs. fair value. S&P 500 futures fell 0.2%. Nasdaq 100 futures fell 0.4%. While SNOW stock is listed on the NYSE, its overnight collapse caused losses in a number of other highly valued software stocks, including Bill.com (BIL) and Datadog (DDOG).

US crude futures rose 2% to more than $113 a barrel.

Remember that overnight action in Dow futures and elsewhere does not necessarily translate into actual trading in the next regular stock market session.


Stock market rally

The stock market rally attempt again started with modest moves, but then turned, this time upward. Fed chief Powell, stressing flexibility and modest policy moves amid hot inflation and uncertainty over the war in Ukraine, helped sustain the advance.

The Dow Jones Industrial Average rose 1.8% on the stock market on Wednesday. The S&P 500 jumped 1.9%. The Nasdaq composite rose 1.6%. The small-cap Russell 2000 jumped 2.4%.

Crude oil prices rose nearly 7% to $110.60 a barrel, reaching $112.51 during the day. This is the highest level since 2011.

Russia is having trouble finding buyers or shippers for its crude oil and other goods, even at big discounts, raising concerns about global supplies. OPEC+ has agreed to keep slowly unwinding its pandemic-era production cuts.

Yields on 10-year government bonds rose 18 basis points to 1.865% after falling 12 basis points on Tuesday.

ETFs

Among the best ETFs, the Innovator IBD 50 ETF (FFTY) rose 2.7%, while the Innovator IBD Breakout Opportunities ETF (BOUT) rose 3%. The iShares Expanded Tech-Software Sector ETF (IGV) rose 1.5%. The VanEck Vectors Semiconductor ETF (SMH) jumped 3.3%. Micron and AVGO stock are notable SMH holdings.

The SPDR S&P Metals & Mining ETF (XME) continued to rise, adding 3.8%. The Global X US Infrastructure Development ETF (PAVE) rose 3.3%. The US Global Jets ETF (JETS) rose 1.7%. The SPDR S&P Homebuilders ETF (XHB) rose 2.9%. The Energy Select SPDR ETF (XLE) advanced 2.3% and the Financial Select SPDR ETF (XLF) 2.6%. The Health Care Select Sector SPDR Fund (XLV) rose 1.5%.

Reflecting more speculative story stocks, the ARK Innovation ETF (ARKK) fell 1.1% and the ARK Genomics ETF (ARKG) fell 1.45%.


Chip stocks in, near buy zones

Shares of Micron rose 8.2% to 93.30 on Wednesday, returning above their 50-day line in above-average volume. MU stock has an official buy point of 96.60 from a cup-with-handle base. But investors could use a break of a short trend line within the handle as an early entry. The cup-with-handle pattern formed after a much longer cup-with-handle consolidation, which had a brief breakout in December.

Shares of Rambus jumped 5% to 28.01 in moderately higher volume. The chip technology company closed just below a 28.32 cup-with-handle buy point, according to MarketSmith. But investors could have bought RMBS stock as it moved off the 50-day line and broke a trend line starting from the December 28 peak of 28.89. The relative strength line is already at a high, while Rambus stock is still in a base. This is a bullish sign and is marked with a blue dot at the end of the RS line.

Shares of ACLS jumped 7.3% to 71.59, also moving off the 50-day line. Investors could use 71.79, just above Monday’s high, as an early entry. The official buy point is 75.10 from a loose handle on a cup base. The RS line for ACLS stock is already at a new peak. Axcelis manufactures specialized equipment for chips such as ion implant systems and high energy implants.

Shares of AOSL rose 4.6% to 53.39, moving off their 50-day line. The stock of the power management chip maker has an entry of 59.48. But investors could use a move above Tuesday’s high of 55.73 + 10 cents as an early entry.

Shares of AVGO rose 2.75% to 585.78. The stock of the wireless chip and software maker needs to clear the 50-day line, with 614.74 a possible early entry. The official buy point for AVGO stock is 677.86. Broadcom earnings are due on Thursday night.

All of these chip names have a relatively modest price-to-earnings ratio, a positive element in the current pace of growth. RMBS shares have the highest PE ratio of 43, but this is not extreme for growth stocks, especially those expected to double in earnings in 2022.

In addition to these names, a number of other chip plays are not far from being interesting, including Qualcomm (QCOM) and Marvell Technology (MRVL).

Apple Stock

Shares of Apple rose 2.1% to 166.56, but stalled at their 21-day line. Investors can view AAPL stock as having a double-bottom base with a 176.75 buy point. Investors can use a trend line from the early January peak to find a slightly early entry, just above the 50-day line. The stock’s RS line is just below record highs.

Market rally analysis

The stock market rally attempt was strong on Wednesday, with big gains in the Dow Jones, S&P 500 and Nasdaq.

However, volume fell compared to Tuesday on both the NYSE and Nasdaq. This means that none of the indexes had a follow-through day to confirm the new rally.

This may be for the best. All major indices are still below their 21-day moving averages, which have acted as a resistance level for most of 2022. A decisive clearing of this level would seem like the absolute minimum for investor confidence. Beyond the 21-day line, the main indices still have their February peaks, as well as their 50-day and 200-day lines as key levels, not necessarily in that order.

The Russell 2000 is back above its 21-day line, but the February peaks and the 50-day line lie ahead.

The market remains extremely news-driven. The market direction can shift quickly up or down based on the latest headline.

One positive thing: sentiment is turning bearish. Only 29.9% of investment newsletters are bullish, which is below the lowest level of the pandemic collapse. Meanwhile, 34.5% are bearish. When bears outnumber bulls, this is a strong sign that at least a short-term bottom is emerging, though not necessarily immediately.


What to do now

The stock market rally attempt recovered strongly from Tuesday’s sell-off, albeit in lower volume.

Investors could slightly increase their exposure, perhaps diversifying away from the energy/commodity sectors, which have performed well in 2022. Unlike late January and early February, a decent number of stocks are setting up or flashing buy signals.

While this article highlights Micron and other chip stocks, health insurers, cybersecurity, construction products and shipping companies are also taking shape, along with some other plays in energy, mining and metals.

But until the main indexes regain their 21-day lines and the market rally has a follow-through day, you need to keep your exposure modest. Downside risks remain high.

This is an important time to work on your watch lists. Cast a wide net for stocks in bases with strong RS lines. Then focus on a select list of names that are actionable or nearly so, which you can see as potential big winners.

Read the Big Picture every day to stay in line with market direction and leading stocks and sectors.

Please follow Ed Carson on Twitter at @IBD_ECarson for stock market updates and more.


Fitbit is recalling 1.7 million smartwatches due to the risk of burns

The voluntary recall covers only Fitbit Ionic smartwatch models, which contain a lithium-ion battery that could potentially overheat and pose a risk of burns to consumers, according to the CPSC. The agency said the recall affected one million devices sold in the United States and an additional 693,000 sold internationally.


Fitbit has received at least 174 worldwide reports of battery overheating, according to the CPSC, with 78 reports of burn injuries in the United States, including two third-degree burn reports and four second-degree burn reports.

Andrea Holling, a spokeswoman for Fitbit, owned by Google (GOOG), confirmed the recall in a statement to CNN Business and said the number of injury reports was less than 0.01% of units sold.

“Customer safety has always been a top priority for Fitbit, and because of this, we conduct a voluntary download of Fitbit Ionic smartwatches,” Holling said in a statement.

Fitbit added in a statement on its website that its Ionic smartwatches were introduced in 2017 and production for them was discontinued in 2020.

The company called on those who own a Fitbit Ionic watch to stop using the device. CPSC said users will be refunded $299 upon return of the Fitbit device, and the company will also provide participating users with a 40% discount code on selected Fitbit devices.

Google announced plans to acquire Fitbit in a $2.1 billion deal in late 2019 as it sought to compete with Apple’s smartwatches. The acquisition was completed last year.


Russia again fails to meet the OPEC+ quota, despite growing oil production

Russia is estimated to have increased its crude oil production by 0.2% in February compared to January, but is still likely to be more than 130,000 barrels per day (bpd) below its OPEC+ quota, according to Bloomberg estimates based on Russian production data.

February was the third month in a row that Russia failed to meet its OPEC+ quota after falling behind in production levels in December 2021, for the first time since the April 2020 pact, which ended the one-month price war with Saudi Arabia, when COVID crippled global demand.

Russia’s production difficulties relative to its quota are contributing to an already tight oil market, in which prices have risen above $110 a barrel since Russia invaded Ukraine and traders and buyers began to avoid Russian cargo, even though Russian oil is not currently subject to sanctions.

Russia does not distinguish between crude oil production and condensate production in its official production data. After years of debate within the OPEC+ group, Russia won an exemption under which condensate production is not counted as part of the agreement to reduce production.

According to Russian Ministry of Energy data in tons, converted into barrels, crude oil production in Russia was about 10.095 million barrels per day in February, which is 132,000 barrels per day below its quota for the month, according to Bloomberg estimates.

Under the OPEC+ agreement, Russia’s quota for February was 10.227 million barrels per day, the same as Saudi Arabia’s. The two OPEC+ leaders have the right to add about 100,000 barrels per day to their production each month as part of monthly increases of 400,000 barrels per day.

OPEC+ met on Wednesday and did not deviate from its plan to add 400,000 barrels a day to quotas each month, largely as expected, despite rising oil prices amid Russia’s invasion of Ukraine.

By Charles Kennedy for Oilprice.com


The teenager who tracked Elon Musk’s plane is now tracking Russian oligarchs

The 19-year-old, who turned down Musk’s $5,000 offer to delete his Twitter account, recently launched two new automated Twitter accounts, @RUOligarchJets and @Putinjet, after the Russian invasion of Ukraine. The two profiles have amassed nearly 300,000 followers together and provide almost updates on the movement of private jets, along with map images that locate them. Sweeney told the Wall Street Journal that people have long told him to create Twitter accounts like this, and those requests have increased as sanctions have been targeted at Russia’s richest.

Russia’s oligarchs are facing economic chaos at home and punishment from the West after President Vladimir Putin ordered his troops to enter Ukraine. The United States and its allies have responded by imposing sanctions on wealthy people close to the Kremlin.

The planes tracked by the accounts include those of Chelsea football club owner Roman Abramovich, businessman Alisher Usmanov and Leonid Mikhelson, a billionaire and chairman of Russian gas producer Novatek.

In an interview with Bloomberg, Sweeney said he was stunned by the size of the planes used by Russian oligarchs.

“The planes that these oligarchs have are absolutely crazy,” Sweeney said. The richest people in the country travel on commercial planes such as the Airbus A319 and Boeing 737. “Their planes are huge compared to other planes.”

In total, the accounts track more than 40 planes and helicopters linked to Russian oligarchs. He has invited others to help increase the number of aircraft that can be traced.

Sweeney’s Twitter account tracking Musk is still live. He told the Journal that he would delete it only in exchange for a new Tesla Model 3.


Europe can survive next winter without Russian gas

Russia’s invasion of Ukraine has dramatically exposed Europe’s dependence on Russian natural gas. The European Union is working to reduce its dependence on Russian energy, while various European countries, including its largest economy, Germany, are reviewing their strategic energy policies in order to reduce the vulnerability of their energy security.

It is this vulnerability that has prevented the EU, the United States and its allies from imposing sanctions on Russian energy exports (for now). Europe receives about a third of its natural gas from Russia, but dependence varies among EU members. Germany relies on Russia for 50% of its gas, and Italy imports 40% of its gas needs from Russia. The countries of Southwestern Europe, Spain and Portugal, do not import Russian gas, but the countries of Southeast Europe and Russia’s neighbors to the west, Estonia and Finland, are 100 percent or almost 100 percent dependent on Moscow for natural gas supplies.

As the war in Ukraine threatens to cut off Russian gas supplies – either through sanctions or through retaliation by Putin for sanctions – Europe has realized that ensuring energy security would mean cutting off Russian supplies as soon as possible, even at a high economic cost.

Securing gas for next winter should not be a problem, analysts and the European Commission say. The question is what Europe will do in the winter after that – and all the coming winters in the long run – if it wants to reduce its dependence on Russian gas and not shape its security policy or sanctions for fear of being cut off from its largest source of gas.

This winter is almost over and European gas in storage is returning to the five-year range. With stockpiles recovering in the summer, Europe could get by without Russian gas next winter, according to Wood Mackenzie.

“From record lows at the beginning of winter, storage levels have returned to their five-year range, albeit lower, and are on track to be in a more comfortable position by the end of March,” said Katerina Filipenko, chief analyst, Europe Gas Research, at WoodMac.

“Our current assessment is that the EU can survive this winter safely. Currently, gas flows from east to west continue, liquefied natural gas supplies to the EU have increased significantly, and the weather forecast is favorable. Storage gas use has slowed and we are still around 30% of storage capacity,” European Energy Commissioner Kadri Simson said on Monday.

EU member states must collectively ensure a certain level of gas storage in their regions and conclude solidarity agreements to send gas where it is most needed, Simson said.

“The war against Ukraine is not only a turning point for Europe’s security architecture, but also for our energy system. This made our vulnerability painfully clear. We cannot allow a third country to destabilize our energy markets or influence our energy choices,” she said.

“The European Union can do without Russian gas next winter, but it must be united in making difficult decisions, recognizing that in many cases there will not be enough time for perfect decisions,” wrote analysts at the European think tank Bruegel in an analysis this week.

Following Russia’s invasion of Ukraine, Germany has said it is changing course “to remove our dependence on imports from individual energy suppliers,” German Chancellor Olaf Scholz said on Sunday. Germany will build two liquefied natural gas import facilities, in Brunsbüttel and Wilhelmshaven, and seek to speed up the installation of renewable energy capacity to have 100% renewable energy production by 2035.

For Europe, getting by without Russian gas “will require improvisation and entrepreneurship,” Bruegel analysts say.

“The main message is that if the EU is forced or willing to bear the costs, it should be possible to replace Russian gas next winter without devastating economic activity, freezing people or disrupting electricity supplies,” they said.

“But dozens of regulations will have to be reviewed on the spot, the usual procedures and operations will have to be reviewed, a lot of money will have to be spent and difficult decisions will have to be made. In many cases, the time will be too short for perfect answers.”

By Tsvetana Paraskova for Oilprice.com


Netflix buys Stranger Things game developer

Netflix has acquired the developer of a Stranger Things mobile game as it continues its push into gaming. The Finnish studio Next Games was bought for about 65 million euros (72 million dollars), and the deal is expected to be completed in the second quarter of 2022, as noted by Crwe World.

Currently, Next Games has three games under its belt: Stranger Things: Puzzle Tales, The Walking Dead: Our World and The Walking Dead: No Man’s Land.


Netflix Gaming Vice President Michael Verdu, whom the company hired last year to signal its intentions in game development, said Next Games would be a key component of those plans.

“Next Games has an experienced management team, strong experience with mobile games based on entertainment franchises, and solid operational capabilities,” said Verdu. “We are excited that Next Games will join Netflix as a major studio in a strategic region and a key talent market, expanding our internal gaming studio capabilities.

“As we begin our games, I am confident that with Next Games we will be able to build a portfolio of world-class games that will delight our members around the world.”

This is in line with Netflix’s statement in January that it aims to be the “absolute best” gaming service in the industry, expanding its list of titles in 2022. Netflix began launching its gaming service for subscribers in November and currently has twelve games, including Stranger Things 3: The Game and Card Blast.

Ryan Dinsdale is an IGN freelancer who sometimes remembers tweeting @thelastdinsdale.


The Krebs Security Service

Earlier this week, a Ukrainian security researcher leaked nearly two years of internal chat logs from Conti, one of the most predatory and ruthless ransomware gangs operating today. Tuesday’s story looked at how Conti handles its own internal breaches and attacks by private security companies and governments. In Part II of this series, we will look at what it’s like to work for Conti, as described by Conti employees themselves.

The Conti group’s chats reveal a lot about its internal structure and hierarchy. Conti maintains many of the same business units as a legitimate, small to medium-sized enterprise, including a human resources department responsible for continuously interviewing potential new employees.

Other Conti departments with their own separate budgets, staffing schedules and senior management include:

Coders: Programmers hired to write malicious code and integrate different technologies
Testers: Employees responsible for testing Conti malware against security tools and obfuscating it
Administrators: Workers tasked with setting up and tearing down servers and other attack infrastructure
Reverse engineers: Those who can disassemble computer code, study it, and find vulnerabilities or weaknesses
Penetration Testers / Hackers: Those on the front lines who battle corporate security teams to steal data and plant ransomware

Conti appears to have contracted out much of its spam operations, or at least there is no mention of “spammers” as direct employees. Conti’s leaders seem to have set tight budgets for each of the organizational units, although the group occasionally borrows from one department to meet the urgent cash flow needs of another.

Many of the most revealing chats about Conti’s structure are between “Mango,” a mid-level Conti manager to whom many other Conti employees report every day, and “Stern,” a kind of grumpy taskmaster who can be seen constantly pressing staff for reports on their work.

In July 2021, Mango told Stern that the group was running ads on several Russian-language cybercrime forums to hire more workers. “The salary is $2k in the message, but there are many comments that we are recruiting slaves to galleys,” wrote Mango. “Of course, we dispute this and say that those who work and give results can earn more, but there are examples of coders who work normally and earn $5-$10k salary.”

Conti’s chats show that the gang mainly kept track of the victim bots infected with its malware through both the Trickbot and Emotet crimeware-as-a-service platforms, and that it hired dozens of people to continuously test, maintain and expand this infrastructure 24 hours a day, 7 days a week.

Conti members call Emotet “Buz” or “Buza,” and it is obvious from reading these chat logs that Buza had its own stable of more than 50 coders and probably much of the same organizational structure as Conti.

According to Mango, as of July 18, 2021, the Conti gang had hired 62 people, mostly low-level malware coders and software testers. However, Conti’s employee roster seems to have fluctuated greatly from month to month. For example, the organization was repeatedly forced to lay off many employees as a precautionary measure after its own internal security breaches.

In May 2021, Stern told Mango that he wanted his subordinates to hire another 100 “encoders” to work with the group’s malware before most of the gang returned from their summer vacations in the Crimea. Most of these new employees, Stern says, will join the penetration testing/hacking teams led by Conti leaders “Hof” and “Reverse.” Both Hof and Reverse appear to have direct access to the Emotet crimeware platform.

Attempts to estimate the exact size of Conti’s organization are problematic, in part because cybersecurity experts have long believed that Conti is simply a rebrand of another ransomware strain and affiliate program known as Ryuk. First spotted in 2018, Ryuk was just as ruthless and mercenary as Conti, and the FBI says Ryuk earned more than $61 million in ransom in its first year.

“Conti is a target version of Ryuk that comes from Trickbot and Emotet, which we’ve been watching for some time,” researchers at Palo Alto Networks wrote about Ryuk last year. “A strong focus was placed on hospital systems, probably due to the need for time to work, as these systems were overloaded by dealing with the ongoing COVID-19 pandemic. We have seen Ryuk’s initial ransom demands ranging from $600,000 to $10 million in a number of industries.”

On May 14, 2021, Ireland’s Health Service Executive (HSE) suffered a major ransomware attack from Conti. The attack disrupted services at several Irish hospitals and led to an almost complete shutdown of HSE’s national and local networks, forcing the cancellation of many outpatient clinics and health services. It took HSE until September 21, 2021, to fully recover all of its systems from the attack, at an estimated cost of over $600 million.

From reading these chats, it remains unclear how many Conti employees realized how much of the organization’s operations overlapped with Ryuk’s. Lawrence Abrams of Bleeping Computer pointed to a Conti chat from October 2020 in which the Emotet representative “Buza” posted a link to a security company’s analysis of Ryuk’s return.

“Professor,” the nickname chosen by one of Conti’s top generals, says that Ryuk’s tools, techniques and procedures are almost identical to Conti’s.

“Adf.bat is my fucking batch file,” wrote Professor, apparently surprised to read the analysis and notice that his own code was being reused in high-profile Ryuk ransomware attacks.

“It feels like [the] same managers managed both Ryuk and Conti, with a slow migration to Conti in June 2020,” Abrams wrote on Twitter. “However, based on chats, some affiliates did not know that Ryuk and Conti were run by the same people.”

DELETE

Each Conti employee was assigned a specific 5-day work week, and staff schedules were staggered so that a number of employees were always available 24/7 to deal with technical problems with the botnet or to respond to ransom negotiations initiated by a victim organization.

Like countless other organizations, Conti makes its payroll on the 1st and 15th of each month, albeit in the form of bitcoin deposits. Most employees receive payments of $1,000 to $2,000 a month.

However, many employees used Conti’s chat room to talk about working days without sleep or breaks, while senior managers ignored their repeated requests for rest.

In fact, the chat logs show that Conti struggles to maintain a constant number of programmers, testers and administrators in the face of mostly grueling and repetitive work that doesn’t pay very well (especially relative to the profits of the group’s top management). Moreover, some of the best members of the group were openly approached to work for competing ransomware organizations, and the group’s overall morale seemed to fluctuate between pay days.

Perhaps unsurprisingly, turnover, attrition and burnout were quite high for low-level Conti employees, which means that the group was forced to constantly recruit new talent.

“Our work in general is not difficult, but monotonous, we do the same thing every day,” wrote “Bentley,” the pseudonym chosen by a key Conti employee who is apparently responsible for “crypting” the group’s malware – ensuring that it goes unnoticed by all or at least most antivirus products on the market.

Bentley was addressing a new Conti hire, “Idgo,” telling him about his daily duties.

“Basically, that involves running files and checking them according to the algorithm,” Bentley told Idgo. “Investigate communication with the encoder to receive files and send reports to it. Also communication with the cryptor to send the test module to the crypt. Then test the crypt. If congestion occurs at this stage, then send reports to the cryptocurrency and work with it. And as a result – the issuance of the finished crypt to the partner.”

Bentley warned that this testing of their malware should be repeated approximately every four hours to ensure that any new malware detection capabilities added to Windows Defender – Windows’s built-in antivirus and security service – will not interfere with their code.

“A new Defender database update is released approximately every 4 hours,” Bentley told Idgo. “You have to work 8 hours before 20-21 Moscow time. And career development is possible.” Idgo agrees, noting that he started working for Conti a year earlier as a code tester.

OBSERVATIONS

The logs show that the Conti gang is extremely good at quickly finding many potential new ransomware victims, and the records include a lot of internal debate among Conti’s management about how much certain victim companies should be forced to pay. They also show with terrifying precision how a large, organized cybercrime group can go from a single compromised computer to completely owning a Fortune 500 company.

As a well-equipped “big game” killing machine, Conti may be unmatched among ransomware groups. But internal chat logs show that this group is in dire need of some workflow management and tracking tools. Over and over again, the Conti gang has lost control of countless bots – all potential sources of ransom revenue that would help pay employees’ salaries for months – due to a simple omission or mistake.

Several times a week, Conti’s chats feature requests from various staff responsible for maintaining the sprawling and ever-changing digital assets that support the ransom group’s operation. These messages invariably refer to overdue invoices for multiple virtual servers, domain registrations, and other cloud-based resources.

On 1 March 2021, a low-level Conti employee named “Carter” says the bitcoin fund used to pay for VPN subscriptions, antivirus licenses, new servers and domain registrations is less than $1,240 in bitcoin.

“Hello, we’re done with bitcoins, four new servers, three vpn subscriptions and 22 renewals have been released,” Carter wrote on November 24, 2021. “Two weeks before the $960 renewals for bitcoin 0.017. Please send some bitcoins to this wallet, thank you.”

As part of the research for this series, KrebsOnSecurity has spent many hours reading day by day through Conti’s chats since September 2020. I wish I could get back many of those hours: much of the talk is mind-bogglingly boring chatter and shop talk. But overall, I was left with the impression that Conti is a very effective – albeit remarkably inefficient – cybercrime organization.

Part of Conti’s disorganized nature is probably endemic in the cybercrime industry, which is of course made up of criminals who are probably accustomed to a less regulated lifestyle. But make no mistake: as ransomware groups like Conti continue to increase payouts from victim organizations, there will be growing pressure on these groups to tighten their operations and work more efficiently, professionally and profitably.

Expect Part III of this series, which will look at how Conti provided access to the cyberweapons needed to undermine the security of their targets, and how team leaders approached ransom negotiations with their victims.

The conflict between Ukraine and Russia shows bitcoin

“There is a problem with the bank accounts, something has happened – the transactions are stopped for some reason.”

– Ukrainian activist Walter Lech in a conversation on Twitter Spaces, discussing ways to donate in support of Ukraine.

Developments in Eastern Europe have been the focus of much of the world over the past few days. A steady, aggressive stream of reports from the ground in Ukraine, as the country faces invasion by Russian troops, dominates social feeds and headlines.

Amid these updates on conflict and bloodshed, reports have emerged of non-governmental organizations (NGOs) that have been working directly with the Ukrainian government since 2015 and now accept bitcoin donations.

Before continuing with this article, I would like to explicitly advise that no one donate any bitcoin funds until significant efforts have been made to verify the addresses as well as possible. This article is not intended to be a political statement of support or a call to action. Significant efforts are currently being made by many parties involved in fraud and confusion of information and trafficking. Also, for those following live streams of footage and/or social media posts about this conflict: do not click on links provided by parties you do not know or do not trust.

This is an extremely volatile situation and these spaces have become a battleground for intelligence organizations, with hacker groups such as Anonymous joining the effort. Participating online in these spaces can actively put you in the digital crossfire.

As the conflict between Ukraine and Russia drives social media and bitcoin donations, it highlights our decentralizing world.

One such NGO is SaveLife, an organization that claims to split funds 50/50 between supporting veterans and victims of the war and equipping Ukrainian elements with the necessary equipment, such as bulletproof vests. SaveLife’s account has recently been frozen on Patreon – reflecting similar developments around the Canadian Freedom Convoy, as well as many other tangential scenarios that have occurred over the past two years involving centralized organizations actively working to restrict freedom of information and of money transfer.

This non-governmental organization, also known as Come Back Alive, received BTC donations leading up to the beginning of this latest escalation of aggression in Eastern Europe. At the time of writing, the SaveLife address has received a total of 152 BTC (worth about $6 million), which is almost 30% over a 48-hour period, with the Ukrainian government’s donation address accumulating a total of 15 BTC.

What the Ukraine-Russia conflict says about money and the state

This continuing, volatile situation highlights many concerns in the modern age.

First, the obvious: money around the world must be separated from the state, if not entirely, then at least partially / in parallel with current systems.

Ukrainians (notably Walter Lech, a Ukrainian who is currently in the United States but has been spreading news online for weeks about events, as his family remains in Ukraine while events continue to escalate) share their disappointment with attempts to transfer funds internationally through conventional means to support their families as well as their compatriots, because these fiat rails present too many friction points to get funds where they are most needed and on time.

Second, the bureaucracy and radically outdated systems of financial organizations continue to be powerless when dealing with real-world events, as they involve the rapid transmission of information in the modern era.

The rapid development of technology continues to create significant barriers to the effective dissemination of information. As the mass media have proved to be a general farce about the events of the last two years in particular, these centralized entities continue to receive no legitimate and high-quality information while this is happening. Decentralized groups, affectionately referred to as open source intelligence (OSINT), are actively sought after as reputable sources by trusted reporters, such as Mark Goldberg, as well as politicians, ambassadors and S2s in active service – proving the effectiveness, scope and efficiency of decentralized operations outside of the bitcoin network.

Third, these events also reveal how dangerous much of online activity is becoming. This dynamic also means that the vulnerabilities of centralized financial systems (on which most of the developed world relies) are becoming more serious. The reason for this is that the centralized entity, while acting as a digital fortress, also provides a point of attack – allowing aggressors and bad actors to focus their efforts on breaching its defenses. It is very important to recognize that while some systems benefit from a blockchain, not all systems and mechanisms benefit from, let alone require, a blockchain mechanism.

I have already written for Bitcoin Magazine about the value of separating money from the state, which you can find here. Part of the reason for this article was to announce the launch of the Declaration of Monetary Independence, a digital product that can be signed, working like a petition, and that will have a physical display at the Bitcoin 2022 conference in Miami this April.

This is a guest post by Mike Hobart. The opinions expressed are entirely theirs and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
