Translated Conti ransomware playbook gives insight into attacks
2021-09-02 21:10

Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies any misinterpretation caused by automated translation.

The leaked material provides information about the gang's attack methods and about the thoroughness of the instructions, which allow less-skilled actors to become Conti ransomware affiliates and hit valuable targets.

The attack scenarios described in the documents were so thorough that "Even amateur adversaries [could] carry out destructive ransomware attacks," the researchers say.

The leak from the angry Conti affiliate also includes video tutorials, mostly in Russian, that explain how to use PowerShell for pen-testing, how to attack Active Directory, and how to leverage SQL Server in a Windows domain.

Cisco Talos researchers believe that the translated version of the leaked Conti documentation will help other researchers better understand the tactics, techniques, and procedures of this threat actor, as well as those of others who may be inspired by the documentation.

The researchers provide translated individual texts in a ZIP archive as well as a PDF file.


News URL

https://www.bleepingcomputer.com/news/security/translated-conti-ransomware-playbook-gives-insight-into-attacks/