
Dark Web Spotlight: Conti Ransomware Playbook Leaked

By Shane Walsh Wed Aug 11, 2021

Internal strife among Ransomware as a Service (RaaS) gangs is becoming more frequent. A few days after Babuk suffered an ironic ransomware attack, the Conti Gang’s “playbook” was leaked by an allegedly underpaid affiliate.

The ransomware gang leak contains the entirety of the Conti Gang’s penetration testing guides, the IP addresses for the Cobalt Strike command and control servers, and 113 MB worth of data. The 113 MB dump contains training materials and tools used by their RaaS customers. 

Cybersecurity researcher Vitali Kremez warned network administrators to look for Conti Gang activity by “scanning for unauthorized Atera Agent installations and Any Desk persistence.”
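One way to run the scan Kremez describes, as an added example that is not from the article or from CybelAngel: it reads Windows service-installation events (Service Control Manager event ID 7045) and reports Atera Agent or AnyDesk services on hosts where they are not approved. The flattened key=value log format, the host names, the paths and the allowlist are all assumptions constructed for illustration.

```python
import re

# Constructed sample: event 7045 ("A service was installed in the system")
# flattened to one line per event. Hosts, paths and times are made up.
SAMPLE_EVENTS = r"""
2021-08-09T10:02:11Z host=HELPDESK-01 event_id=7045 service="AteraAgent" image="C:\Program Files\ATERA Networks\AteraAgent\AteraAgent.exe" start=auto
2021-08-09T23:41:57Z host=FS-02 event_id=7045 service="AteraAgent" image="C:\Program Files (x86)\ATERA Networks\AteraAgent\AteraAgent.exe" start=auto
2021-08-09T23:44:03Z host=FS-02 event_id=7045 service="AnyDesk" image="C:\ProgramData\AnyDesk\AnyDesk.exe --service" start=auto
2021-08-10T02:10:40Z host=DB-03 event_id=7045 service="Update Helper" image="C:\Users\Public\AnyDesk.exe --service" start=auto
2021-08-10T08:15:30Z host=WS-17 event_id=7045 service="Spool Helper" image="C:\Windows\System32\spoolhelper.exe" start=demand
2021-08-10T09:00:00Z host=WS-17 event_id=4624 service="" image="" start=
"""

# Patterns are applied to the service name and the binary path together,
# because the display name alone is not a reliable identifier.
TOOLS = {
    "Atera Agent": re.compile(r"atera", re.I),
    "AnyDesk": re.compile(r"any\s?desk", re.I),
}
APPROVED = {("HELPDESK-01", "Atera Agent")}  # assumed allowlist of (host, tool)
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')

def parse_event(line):
    """Split one flattened event into a dict; return None for blank lines."""
    parts = line.split(None, 1)
    if len(parts) != 2:
        return None
    fields = {key: quoted or bare for key, quoted, bare in FIELD.findall(parts[1])}
    fields["time"] = parts[0]
    return fields

def unauthorized_remote_tools(log_text, approved=APPROVED):
    """Return one finding per unapproved remote-access service installation."""
    findings = []
    for line in log_text.splitlines():
        ev = parse_event(line)
        if not ev or ev.get("event_id") != "7045":
            continue  # only service-installation events are relevant here
        haystack = ev.get("service", "") + " " + ev.get("image", "")
        for tool, pattern in TOOLS.items():
            if pattern.search(haystack) and (ev.get("host"), tool) not in approved:
                findings.append({"time": ev["time"], "host": ev.get("host"),
                                 "tool": tool, "image": ev.get("image", ""),
                                 "autostart": ev.get("start") == "auto"})
    return findings

if __name__ == "__main__":
    for finding in unauthorized_remote_tools(SAMPLE_EVENTS):
        print(finding)
```

The `autostart` field marks services set to start automatically, which is the persistence part of the check.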

Other researchers have recommended blocking the IP addresses used by the Conti Gang.

CybelAngel Asset Discovery and Monitoring is a crucial deterrent against ransomware by locating vulnerable assets before hackers can infect them. Read more on how to protect your company here. 
