Dark Web Spotlight: Conti Ransomware Playbook Leaked

Internal strife among Ransomware as a Service (RaaS) gangs is occurring more frequently these days. A few days after Babuk suffered an ironic ransomware attack, the Conti Gang’s “playbook” has been leaked by an allegedly underpaid affiliate. The leak contains the entirety of the Conti Gang’s penetration testing guides, the IP addresses for the Cobalt Strike command and control servers, and 113 MB worth of data. The 113 MB dump contains training materials and tools used by their RaaS customers. Cybersecurity researcher Vitali Kremez warned network administrators to look for Conti Gang activity by “scanning for unauthorized Atera Agent installations and AnyDesk persistence.”

Other researchers have recommended blocking the IP addresses used by the Conti Gang.

CybelAngel Asset Discovery and Monitoring acts as a crucial deterrent against ransomware by locating vulnerable assets before hackers can infect them.