This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
A disgruntled Conti affiliate has leaked the training material the gang uses during attacks and released details on one of the ransomware's administrators. The leak contains the Cobalt Strike C2 server IP addresses and a 113 MB archive with a wide variety of training tools for ransomware attacks.
The Conti ransomware business runs as "Ransomware-as-a-Service" (RaaS), in which the core group handles the ransomware itself as well as the Tor sites. Conti has been identified as a ransomware program since 2020.
Conti ransomware is mostly deployed directly by an attacker who has gained access through an unsecured RDP port, through email phishing that compromises a worker's computer, or through malicious attachments, downloads, patch operations, or network access flaws.
The documents were recently posted on an underground cybercrime forum called XSS by an individual who appeared to have a grievance over the small amount of money the Conti gang paid for infiltrating corporate networks. The files, uploaded to this forum of Russian-speaking cybercrime practitioners, contain many instruction manuals, reportedly from Conti, a Russian-speaking group of hackers that has attacked several healthcare facilities, including health chains in the U.S. and Ireland's national health system, the Health Service Executive.
Under the RaaS model, the core team gets 20-30 percent of the ransom payment, while the affiliates earn the balance. The affiliate also said he had shared the information because he had been paid only $1,500 for an operation while the rest of the gang make millions and
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
Read the original article: Inadequate Payment Leads the Affiliate to Leak the Ransomware Gang’s Technical Manual