Conti created an extortion-oriented IT company, looking like a legitimate business
According to the latest Group-IB report, the Conti ransomware collective compromised more than 40 companies worldwide, which makes it one of the most prolific ransomware/extortion gangs out there.
In just four months in 2022, the group posted information belonging to 156 companies, making for a total of 859 dedicated leak site (DLS) victims in two years, including 46 in April 2022. The actual number of victims is believed to be significantly higher.
After gaining access to a company’s infrastructure, Conti exfiltrates specific documents and looks for files containing passwords. In the end, the hackers deploy ransomware to all the devices and run it.
The threat actors’ increased activity and the data leak suggest that ransomware is no longer a game between average malware developers, but an illicit RaaS industry that gives jobs to hundreds of cybercriminals worldwide with various specializations. Read the details on Help Net Security.