Supreme Conti Ransomware training material and tools leaked by an affiliate

[1.756]

A disgruntled Conti affiliate has leaked the gang's training material when conducting attacks, including information about one of the ransomware's operators.

The Conti Ransomware operation is run as a ransomware-as-a-service (RaaS), where the core team manages the malware and Tor sites, while recruited affiliates perform network breaches and encrypt devices. As part of this arrangement, the core team earns 20-30% of a ransom payment, while the affiliates earn the rest.

Today, a security researcher shared a forum post created by an angry Conti affiliate who publicly leaked information about the ransomware operation. This information includes the IP addresses for Cobalt Strike C2 servers and a 113 MB archive containing numerous tools and training material for conducting ransomware attacks.

Hidden Content

You must register or login to view this content.

[47]

im corious thanks

[11]

An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS, he also published the info about one of the operators.

The Conti Ransomware operators offer their services to their affiliates and maintain 20-30% of each ransom payment.

Now one of its affiliates leaked the IP addresses for Cobalt Strike C2 servers and an archive of 113 MB that includes training material and tools shared by the Conti operators with its network to conduct ransomware attacks.

nice thx!

[7]

Awesome! Thank you very much!

[55]

Fucked

[53]

fucked

[476]

Thanks brothers

[67]

intresting let me see!