Many ransomware campaigns launched by the Conti gang are considered one of the most active operations within the threat landscape. Its threat actors are elite Russian hackers who have developed several malware strains that took them to the spotlight.
Nonetheless, as the Conti gang has chosen to side with Russia amid the war against Ukraine, many of their opponents had become more encouraged to hack into their servers and leak their source code, like what happened last February when a pro-Ukraine researcher named ‘Conti Leaks’ has leaked the gang’s private chats to the public.
According to the researcher, the operation aimed to retaliate against the threat group with their decision of siding with Russia. Over 170,000 private chat conversations of the Conti gang from January 2021 until February 2022 were included in the leak, revealing the group’s internal activities.
Afterward, the Ukrainian researcher published the source code of the gang in September 2020 to help cybersecurity experts and authorities analyze the activities and system of the Conti ransomware.
Conti Leaks published a new password-protected Conti gang source code version on Twitter.
A January 2021 version of Conti’s source code was recently uploaded on Twitter by Conti Leaks, which is newer than the last leaked version. The leaked archive is password-protected, but people were able to decipher it based on the other tweets published by the group.
Those who could access the new version will find a Visual Studio solution inside, similar to the first released version. Users will be able to compile the Conti ransomware locker and decryptor upon access easily.
Other threat actors can modify the leaked archive however they like, including adding new features or using their public keys.
Since the leak has presented other threat actors with a new avenue for creating their own ransomware campaigns, experts see this as a threat, especially for large companies and consumers who could be potentially victimized.
Security experts believe that soon, other threat groups will be able to establish their own attack operations with the help of the leaked Conti gang source code.
