Browsing tag

Conti

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on exploitation on compromised systems, including delivering a lesser-known information […]

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down its attack infrastructure in favor of migrating their malicious cyber activities to other ancillary operations, including Karakurt and BlackByte. “From the negotiations site, chatrooms, messengers to servers and proxy hosts – the Conti brand, not […]

Conti Ransomware Group Exploiting Log4j Vulnerability

These attacks started on December 13th, with the Conti gang targeting VMware vCenter servers vulnerable to Log4Shell attacks. Security firm Advanced Intelligence (AdvIntel) has discovered that the Conti ransomware gang is the first cybercriminal group to adopt and embed the Log4Shell vulnerability in their operations targeting VMware vCenter Servers. “A week after […]

Hotel claims Conti ransomware attack on system as guests locked out

So far, the Conti ransomware has not demanded any ransom or published any details of the ransomware attack on their official website. A popular Scandinavian hotel has confirmed becoming a victim of a targeted cyberattack from the Conti ransomware gang. It is worth noting that Nordic Choice has branches in around 200 locations in Finland, Scandinavia, […]

Conti ransomware gang apologized to Arab Royals over data leak

The data leak took place last month when the infamous Conti ransomware gang hacked Graff, a UK-based jewelry store popular amongst the elite. In October 2021, the infamous Conti ransomware gang leaked thousands of records stolen from UK-based jewelry store Graff. In a surprising turn of events, the hackers have posted a statement to […]

Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits

According to researchers, threat actors including Conti ransomware affiliates are exploiting 3 unpatched vulnerabilities that allow unauthenticated, remote code execution on MS Exchange Servers. In late August 2021, it was reported that threat actors were targeting unpatched Microsoft Exchange Servers using ProxyShell exploits. Now, according to independent findings of researchers at Sophos Labs and […]