DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

MONTI ransomware gang leaks Donut Leaks (UPDATED)

Posted on March 19, 2023 by Dissent

In one of the more intriguing listings of this week, the MONTI ransomware group has added another group, Donut Leaks, to their leak site.

The message reads:

“stole 100,000 usd didn’t fulfill the terms of the deal”

The listing then provides the login credentials to what is allegedly Donut Leaks’ admin cpanel.

When tested on _D#NUT:ch, however, the login credentials did not work. Perhaps D#NUT Leaks spotted the post and changed their login.

The login screen for D#NUT Leaks says, “Keep calm and avoid of hijacking, crckng, hackng, fckng. Thx. Enjoy”

So what happened here? Did Donut Leaks screw MONTI on some deal and MONTI is now seeking revenge? It seems so, considering their comment on their site:

MONTI's description says: Donut Leaks This gay rippers

Oh, sweet mysteries of life. Donut Leaks sites were not reachable at time of publication and DataBreaches does not have other contact information for them at this time.

Update of April 11:

DataBreaches’ luck in accessing  D#nut Leaks site has been less than optimal, but it appears that the group has responded to Monti’s accusations with a statement.  Converting a screencap provided to this site by eCrime.ch, the text of D#nut Leaks’  post follows:

Hello. Today we received news that a little-known (or rather unknown) group with the telling name MONTI published a post saying that we owe them 100K USD. MONTI also allegedly posted login details for the admin panel.

Only there is a small problem: all TOR services, which are attacked every second in all possible ways, are running in docker containers, in isolated networks, without the ability to access each other. Let’s not say that we don’t use the “Admin Panels” mentioned in the note at all. No sensitive information has ever been within the reach of the chat or blog API. Backups of all services are made automatically once a day. They are duplicated on various git services. Of course, all backups, as well as information from the file storage, are encrypted asynchronously. Apparently the guys from this group are not familiar with such words.

We have never broken agreements with anyone. For us, the most important thing is the reputation we have earned. Our software has never been hacked, we pay all attention to quality, not quantity. No source code has been published anywhere. Moreover, not a single anti-virus company could even approximately, think about it, name the compiler with which our software was compiled.

Instead of a conclusion, we want to wish good luck to the guys from MONTI. We also want to wish more attention and time to be given to security issues for our “clients”, because there is nothing more interesting than to win really difficult, and therefore sweeter victories 😉

Good luck to everyone.

Curiouser and curiouser.

Category: MiscellaneousOf Note

Post navigation

← Was there a rush to arrest Pompompurin, the owner of BreachForums? If so, why?
What is the cost of not purging data or moving it offline, Sunday edition →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.