Saturday, September 24, 2022

Ransomware Gang Uses Recycled Code



Analysts have discovered a ransomware campaign from a new group called “Monti,” which relies almost entirely on leaked Conti code to launch attacks.

The Monti group emerged with a round of ransomware attacks over the Independence Day weekend, and was able to successfully exploit the Log4Shell vulnerability to encrypt 20 BlackBerry user hosts and 20 servers, BlackBerry’s Research and Intelligence Team reported.

After further analysis, researchers discovered that the indicators of compromise (IoCs) for the new ransomware attacks were the same as in earlier Conti ransomware attacks, with one twist: Monti incorporates the Action1 Remote Monitoring and Maintenance (RMM) Agent.

But rather than being Conti reborn, the researchers said they believe Monti lifted Conti’s infrastructure when it was leaked last spring, during February and March.

“As further ransomware-as-a-service (RaaS) solution builders and source code become leaked, either publicly or privately, we could continue to see these doppelganger-like ransomware groups proliferate,” the BlackBerry team added. “Basic familiarity with the TTPs [tactics, techniques and procedures] of known groups can help us identify any unique traits of these lookalike crews.”
