www.aiupnow.com
216.58.212.147  Public Scan

URL: https://www.aiupnow.com/2021/11/experts-expose-secrets-of-conti.html
Submission: On November 20 via api from US — Scanned from DE

Form analysis 3 forms found in the DOM

GET /search

<form action="/search" id="searchform" method="get">
  <input name="q" placeholder="Search" type="text" vk_18d09="subscribed" vk_1ad21="subscribed" vk_1b6ba="subscribed">
</form>

Name: contact-form

<form name="contact-form">
  <p></p> Name <br>
  <input class="contact-form-name" id="ContactForm1_contact-form-name" name="name" size="30" type="text" value="">
  <p></p> Email <span style="font-weight: bolder;">*</span>
  <br>
  <input class="contact-form-email" id="ContactForm1_contact-form-email" name="email" size="30" type="text" value="">
  <p></p> Message <span style="font-weight: bolder;">*</span>
  <br>
  <textarea class="contact-form-email-message" cols="25" id="ContactForm1_contact-form-email-message" name="email-message" rows="5"></textarea>
  <p></p>
  <input class="contact-form-button contact-form-button-submit" id="ContactForm1_contact-form-submit" type="button" value="Send">
  <p></p>
  <div style="text-align: center; max-width: 222px; width: 100%">
    <p class="contact-form-error-message" id="ContactForm1_contact-form-error-message"></p>
    <p class="contact-form-success-message" id="ContactForm1_contact-form-success-message"></p>
  </div>
</form>

Name: contact-form

<form name="contact-form">
  <input class="contact-form-name" id="ContactForm10_contact-form-name" name="name" placeholder="Name" size="30" type="text" value="">
  <input class="contact-form-email" id="ContactForm10_contact-form-email" name="email" placeholder="Email" size="30" type="text" value="">
  <textarea class="contact-form-email-message" cols="25" id="ContactForm10_contact-form-email-message" name="email-message" placeholder="Message" rows="5"></textarea>
  <input class="contact-form-button contact-form-button-submit" id="ContactForm10_contact-form-submit" type="button" value="Send">
  <br>
  <div style="text-align: center; width: 100%;">
    <div class="contact-form-error-message" id="ContactForm10_contact-form-error-message">
    </div>
    <div class="contact-form-success-message" id="ContactForm10_contact-form-success-message">
    </div>
  </div>
</form>

Text Content

Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from
Victims #Cybersecurity - The Entrepreneurial Way with A.I.


FRIDAY, NOVEMBER 19, 2021


EXPERTS EXPOSE SECRETS OF CONTI RANSOMWARE GROUP THAT MADE 25 MILLION FROM
VICTIMS #CYBERSECURITY

BruceDayne 2:03 AM Cybersecurity, Khareem Sudlow, noreply@blogger.com (Ravie
Lakshmanan),



#HackerNews

The clearnet and dark web payment portals operated by the Conti ransomware group
have gone down in what appears to be an attempt to shift to new infrastructure
after details about the gang's inner workings and its members were made public.

According to MalwareHunterTeam, "while both the clearweb and Tor domains of the
leak site of the Conti ransomware gang are online and working, both their
clearweb and Tor domains for the payment site (which is obviously more important
than the leak) are down."

It's not clear what prompted the shutdown, but the development comes as Swiss
cybersecurity firm PRODAFT offered an unprecedented look into the group's
ransomware-as-a-service (RaaS) model, wherein the developers sell or lease their
ransomware technology to affiliates hired from darknet forums, who then carry
out attacks on their behalf while also netting about 70% of each ransom payment
extorted from the victims.

The result? Three members of the Conti team have been identified so far, each
playing one of three roles: admin ("Tokyo"), assistant
("it_work_support@xmpp[.]jp"), and recruiter ("IT_Work") to attract new
affiliates into their network.

While ransomware attacks work by encrypting the victims' sensitive information
and rendering it inaccessible, threat actors have increasingly latched on to a
two-pronged strategy called double extortion: they demand a ransom payment for
decrypting the data and threaten to publish the stolen information if the
payment is not received within a specific deadline.

"Conti customers – affiliate threat actors – use [a digital] management panel to
create new ransomware samples, manage their victims, and collect data on their
attacks," noted the researchers, detailing the syndicate's attack kill chain
leveraging PrintNightmare (CVE-2021-1675, CVE-2021-34527, and CVE-2021-36958)
and FortiGate (CVE-2018-13374 and CVE-2018-13379) vulnerabilities to compromise
unpatched systems.

Emerging on the cybercrime landscape in October 2019, Conti is believed to be
the work of a Russia-based threat group called Wizard Spider, which is also the
operator of the infamous TrickBot banking malware. Since then, at least 567
different companies have had their business-critical data exposed on the victim
shaming site, with the ransomware cartel receiving over 500 bitcoin ($25.5
million) in payments since July 2021.

What's more, an analysis of ransomware samples and the bitcoin wallet addresses
utilized for receiving the payments has revealed a connection between Conti and
Ryuk, with both families heavily banking on TrickBot, Emotet, and BazarLoader
for actually delivering the file-encrypting payloads onto victims' networks via
email phishing and other social engineering schemes.

PRODAFT said it was also able to gain access to the group's recovery service and
an admin management panel hosted as a Tor hidden service on an Onion domain,
revealing extensive details of a clearnet website called "contirecovery[.]ws"
that contains instructions for purchasing decryption keys from the affiliates.
Interestingly, an investigation into Conti's ransomware negotiation process
published by Team Cymru last month highlighted a similar open web URL named
"contirecovery[.]info."

"In order to tackle the complex challenge of disrupting cybercriminal
organizations, public and private forces need to work collaboratively with one
another to better understand and mitigate the wider legal and commercial impact
of the threat," the researchers said.

via https://www.AiUpNow.com

November 19, 2021 at 02:00AM by noreply@blogger.com (Ravie Lakshmanan), Khareem
Sudlow
Copyright © 2021 The Entrepreneurial Way with A.I.

| Created By Khareem Sudlow