Conti ransomware gang's source code leaked
2022-03-02 17:35

Infamous ransomware group Conti is now the target of cyberattacks in the wake of its announcement late last week that it fully supports Russia's ongoing invasion of neighboring Ukraine, with the latest hit being the leaking of its source code for the public to see.

The researcher leaked 393 JSON files containing more than 60,000 internal messages that reportedly were taken from the Conti and Ryuk ransomware gang's private XMPP chat server.

The ransomware group Ryuk rebranded as Conti last year.

In the second round, the leaks included such items as screenshots of storage servers and the BazarBackdoor API. The source code for Conti's ransomware encryptor, decryptor and builder was contained in a password-protected archive.

Such information is key for a ransomware-as-a-service [RaaS] group like Conti, which not only launches its own ransomware attacks but also allows other threat actors to use its technology to launch their own attacks.

In May, the FBI issued a five-page notice to U.S. businesses warning about Conti ransomware attacks on healthcare and first-responder networks, noting at least 16 such attacks by Conti over a 12-month span and ransom demands as high as $25 million.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/02/conti-source-code-leaked/