[MART] - Daily Diary #474 - Conti Ransomware v3 Leaked

CTAS-MAT ctas-mat at appgate.com
Mon Mar 21 22:28:12 UTC 2022 

Hello,

I hope everyone is doing well!

Below is the entry for today.

03/21/2022 - Diary entry #474:

In our Daily Diary #461, we talked about Conti Syndicate, the Russian-speaking cybercrime group behind Conti Ransomware, and an announcement on their wall-of-shame blog supporting Russia against Ukraine. Two days later, an unknown individual created a Twitter account named ContiLeaks and started to post Conti's private chat logs, screenshots, and the Conti Ransomware version 2 source code.

Initially, the Ransomware source code had password protection on the module responsible for encrypting files. However, versions containing that module without password protection appeared soon on the Internet. More recently, the ContiLeaks account posted Conti Ransomware version 3 source code.

Conti is not the first malware to have its source code leaked online. Every time that happens, it becomes a rich source for security researchers to understand better Conti's TTPs and develop possible countermeasures to avoid further attacks. On the other hand, it makes it easier for unskilled cybercriminals to develop their own Ransomware or improve their own based on Conti's capabilities. About the Conti group itself, they are still one of the most dangerous ransomware families active, making new victims every day.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220321/c1223764/attachment.htm>

More information about the MART mailing list