Russia-based Conti ransomware gang source code leaked in Ukraine hack attack

With Ukraine calling for hackers to come work for it, the cyber realm is a battleground. Hacktivist group Anonymous has come to the aid of the embattled nation, and cyberwar has been declared.

Conti ransomware gang devastating attack

The Conti gang's now-public chats and communications cover a variety of topics:

  • Active Directory Enumeration
  • SQL Databases Enumeration via sqlcmd
  • How to gain access to Shadow Protect SPX (StorageCraft) backups.
  • How to create NTDS dumps vs vssadmin
  • How to open New RDP Port 1350

And these tools:

  • Cobalt Strike
  • Metasploit
  • PowerView
  • ShareFinder
  • AnyDesk
  • Mimikatz

After 60,000 chat messages were posted, 107,000 internal communications went public. Then the malware’s source code was published. This includes source code for multiple Conti tools, as well as the hacker group’s administration panel and the BazarBackdoor API.

A password-protected archive of the Conti ransomware encryptor, decryptor, and builder went public. Thanks to efforts from additional researchers, the password was cracked and Conti’s secrets were exposed.

Conti's damaged image takes a hit

During the process, the darknet group became increasingly vulnerable.