Conti

December 10, 2020

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

This post was originally published on this sitePayment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business. Headquartered in Columbus, Ga., Total System Services Inc. (TSYS) is the third-largest third-party payment processor for financial institutions in North America, and a major processor in Europe. TSYS provides payment processing services, merchant services […]
March 1, 2022

Conti Ransomware Group Diaries, Part I: Evasion

This post was originally published on this siteA Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments. Conti’s threatening message this […]
March 2, 2022

Conti Ransomware Group Diaries, Part II: The Office

This post was originally published on this siteEarlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves. The Conti group’s chats reveal a great deal about the internal structure and hierarchy of the ransomware organization. Conti maintains many of […]
March 4, 2022

Conti Ransomware Group Diaries, Part III: Weaponry

This post was originally published on this sitePart I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims. Conti is by far the most aggressive and profitable ransomware group in operation today. Image: […]