Updated: Mar 28
Ukrainian security researcher “Conti Leaks” has uploaded the Conti Ransomware V3.0 source code to VirusTotal and posted a link to the code on Twitter. You will recall that in February, this same “Conti Leaks” published Conti ransomware source code, as well as almost 170,000 chat conversations between the Conti ransomware gang members, covering more than a year from January 2021 through February 2022. This latest leak includes links to source code with last modified dates that are more than a year newer than the February code.
Rajiv Pimplaskar, CEO of Dispersive Holdings, Inc., weighed in on the state of ransomware during this time:
“While ransomware is a data at rest problem, information is most vulnerable for a data breach or malware infection when it is in motion. Network resources are prime targets for Ransomware as a Service (RaaS) actors as they can be ideal vectors for insider threats, code and injection attacks, Man In The Middle (MITM), privilege escalation as well as lateral movement.
In addition to establishing proper access control and device posture checking to prevent unauthorized access, network security must also be bolstered with advanced capabilities such as managed attribution and active data multi-pathing. These capabilities obfuscate network soft targets as well as keep data secure from hostile detection and interception.”