Security News > 2022 > April > Hackers use Conti's leaked ransomware to attack Russian companies
A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations.
While it is common to hear of ransomware attacks targeting companies and encrypting data, we rarely hear about Russian organizations getting attacked similarly.
This lack of attacks is due to the general belief by Russian hackers that if they do not attack Russian interests, then the country's law enforcement would turn a blind eye toward attacks on other countries.
The Russian entities claimed to have been attacked by the hacking group include document management operator Tensor, Russian space agency Roscosmos, and VGTRK, the state-owned Russian Television and Radio broadcaster.
More recently, the NB65 hackers have turned to a new tactic - targeting Russian organizations with ransomware attacks since the end of March.
What makes this more interesting, is that the hacking group created their ransomware using the leaked source code for the Conti Ransomware operation, which are Russian threat actors who prohibit their members from attacking entities in Russia.
News URL
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean hackers pave the way for Play ransomware (source)