Conti – Ransomware as a service program

June 21, 2022

Conti is a ransomware-as-a-service program and one of the most prolific ransomware families of the past year.

In what is believed to have been an act of revenge, an apparent insider leaked months of Conti’s internal chat logs, exposing a remarkable amount of information about the group.

The leaked chats provide victim details, source code, and even playbooks with instructions to check for vulnerabilities such as “PrintNightmare”, “EternalBlue”, and “Zerologon”.

The leaked information also gave us a behind-the-scenes look at the Conti gang’s day-to-day operations, showing that they work just like a regular company with an HR department, salaried workers with a choice of office-based, hybrid or remote work, bonuses, performance reviews, and even “employees of the month”.

This May, reports of the Conti gang shutting down surfaced, but that doesn’t mean Conti ransomware is no longer dangerous. Check out Cyberbit’s Conti Ransomware Spotlight to review its attack flow or try some of our hands-on labs to learn Conti’s initial vectors.

