Conti ransomware

October 25, 2021

Conti Ransom Gang Starts Selling Access to Victims

The Conti ransomware affiliate program appears to have altered its business plan recently. Organizations infected with Conti’s malware who refuse to negotiate a ransom payment are added to Conti’s victim shaming blog, where confidential files stolen from victims may be published or sold. But sometime over the past 48 hours, the cybercriminal syndicate updated its victim shaming blog to indicate that it is now selling access to many of the organizations it has hacked. A redacted screenshot of the Conti News victim shaming blog. “We are looking for a buyer to access the […]

December 13, 2021

Inside Ireland’s Public Healthcare Ransomware Scare

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousands of outdated Windows 7 systems, and that the health system’s IT administrators failed to respond to multiple warning signs that a massive attack was imminent. PWC’s timeline of the days leading up to the deployment of Conti ransomware on May 14. […]

March 1, 2022

Conti Ransomware Group Diaries, Part I: Evasion

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments. Conti’s threatening message this […]

March 7, 2022

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies. When you’re perhaps the most successful ransomware group around — Conti made $180 […]