In the US, the Federal Bureau of Investigation (FBI) issued an alert on 20 May regarding “Conti,” a highly disruptive ransomware variant. Cyber-attacks associated with Conti and the previously published Darkside ransomware variant are believed to be emanating from criminal networks operating from a non-cooperative foreign jurisdiction. The FBI says it identified at least 16 Conti ransomware attacks targeting US health care and first responder networks, including law enforcement agencies, emerg
First spotted in late 2019, Conti is perhaps the most prolific ransomware gang currently operating in the wild. Conti follows the emerging trend of both encrypting victims’ files and threatening to publish them online to extort payment. Even companies that are not hit directly by this group risk losing sensitive data if a member of their supply chain hosts/stores sensitive data on the supply chain network.
While there is limited information surrounding the Conti threat actors, source
For ransomware actors, innovation is a key to success, as crime gangs look for new ways to dupe people and make crypto-locking malware even more lucrative. Some hacking groups have started cold-calling victims to inform them that their systems have been hit by ransomware and request a ransom to resolve the situation. It is an old, yet tried-and-true, use of chicanery. Sometimes old schemes become new schemes. This is just the latest in a long line of shakedown tactics, which include not just using c
The past few months have seen a new ransomware variant emerge that is being distributed by the TrickBot malware. The appearance of this new ransomware, named Conti, corresponded with an observed decrease in Ryuk deployments. This suggested that Conti is the “successor” of Ryuk. Some media outlets have also reported that Conti was an evolved version of Ryuk, suggesting that it has evolved from the Ryuk source code. While this may have been true for very early samples, a Red Sky analysis of recent