Security News

Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web
2022-04-15 17:34

"Whether Karakurt is an elaborate side hustle by Conti and Diavol operatives or whether this is an enterprise sanctioned by the overall organization remains to be seen," researchers said. Tetra Defense initially discovered the link between Karakurt and Conti at a client who claimed to have been hit with another extortion attempt after already falling victim to Conti and paying the ransom demand.

Karakurt revealed as data extortion arm of Conti cybercrime syndicate
2022-04-15 13:28

After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation. In a recent report, Infinitum IT details that they were able to gain access to Conti's infrastructure when the Conti leaks started, on February 27, after logging into multiple ProtonMail and Mega storage accounts used by one Conti member.

Wind turbine firm Nordex hit by Conti ransomware attack
2022-04-15 01:54

The Conti ransomware operation has claimed responsibility for a cyberattack on wind turbine giant Nordex, which was forced to shut down IT systems and remote access to the managed turbines earlier this month. BleepingComputer was told on March 31st that the company suffered a Conti ransomware attack which caused the entire platform to go offline.

Hackers use Conti's leaked ransomware to attack Russian companies
2022-04-09 18:30

A hacking group used Conti's leaked ransomware source code to create their own ransomware for use in cyberattacks against Russian organizations. While it is common to hear of ransomware attacks targeting companies and encrypting data, we rarely hear about Russian organizations getting attacked similarly.

Snap-on discloses data breach claimed by Conti ransomware gang
2022-04-08 20:35

American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company's data in March. "We believe the incident involved associate and franchisee data including information such as: names, Social Security Numbers, dates of birth, and employee identification numbers," discloses a Snap-on data breach notification submitted to the California Attorney General's office.

Shutterfly discloses data breach after Conti ransomware attack
2022-03-29 18:32

Online retail and photography manufacturing platform Shutterfly has disclosed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack. Today, Shutterfly disclosed that its network was breached on December 3rd, 2021, due to a ransomware attack.

A Detailed Look at the Conti Ransomware Gang
2022-03-29 11:02

The Conti ransomware gang runs like any number of businesses around the world. It has multiple departments, from HR and administrators to coders and researchers.

Conti Ransomware V. 3, Including Decryptor, Leaked
2022-03-21 17:48

BleepingComputer compiled the newly released source code for Version 3 of Conti ransomware without any issues, successfully creating the gang's executables for encrypting and decrypting files. After analyzing the source code, Payload, a Polish magazine about offensive IT security, dismissed Version 3 as being a "Giant step back" from Version 2 in terms of code quality.

More Conti ransomware source code leaked on Twitter out of revenge
2022-03-20 23:20

A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine. After the Conti ransomware operation sided with Russia on the invasion of Ukraine, a Ukrainian researcher named 'Conti Leaks' decided to leak data and source code belonging to the ransomware gang out of revenge.

Newer Conti ransomware source code leaked out of revenge
2022-03-20 23:20

A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine. After the Conti ransomware operation sided with Russia on the invasion of Ukraine, a Ukrainian researcher named 'Conti Leaks' decided to leak data and source code belonging to the ransomware gang out of revenge.