• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
conti source code leaked by ukrainian researcher

Conti source code leaked by Ukrainian researcher

You are here: Home / General Cyber Security News / Conti source code leaked by Ukrainian researcher
March 2, 2022

Shutterstock

The researcher who leaked interior chats from the Conti ransomware group has now revealed its supply code and seems to have doxxed 1 of its developers.

The leaker, heading underneath the Twitter title @Contileaks, had at first published inside chats from the group on Sunday in reaction to its declaration of support for the Russian invasion of Ukraine. They followed it up by publishing the source code right away.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The researcher printed the code as a password-secured file, prompting a flurry of requests for obtain. They stated that they would release the password to reliable parties, expressing in a tweet: “conti src password shared only with reliable ppl for now. to stay away from much more destruction!”

Even so, before this 7 days, one more researcher appeared to have cracked the password and shared the code on the internet.

Other code released in the ContiLeaks dumps appears to include the source for the TrickBot command dispatcher and facts collector. The researcher also published access specifics for a number of storage servers utilised by the Conti team yesterday.

The leak also extended to personal details. The researcher tweeted what they declare is the GitHub website page and Gmail address gleaned from the code. The address is flagged in the code as an developer for the Conti group, but responses to the tweet suggest that the developer did not know that he was producing back again-conclude code for a ransomware operation.

Amid the details posts, the researcher continued to criticize the Russian federal government for its attack on Ukraine, publishing: “a lot more sanctions! they demolish hospitals, and a ton of ppl died! even some of my buddies !”

Screenshots have appeared of the Conti recovery dashboard and the BazarLoader command and manage panel used to regulate contaminated devices.

Other individuals claimed that the resource code is not the most recent model. The leaked code allegedly dates again to September 2020.

Considering that the initial leaks happened, different analyses have appeared on the internet detailing the bitcoin addresses utilized by the team, along with lists of email addresses located it its correspondence. Other data now freely available on the internet incorporates hundreds of details factors detailing domains utilized in the ransomware’s command and control infrastructure, alongside with the gang’s active dark web chat IDs.


Some pieces of this write-up are sourced from:
www.itpro.co.uk

Previous Post: «Cyber Security News #CCSE22: How to Create a Security First Culture
Next Post: #CCSE22: “Focusing on Reducing Time to Containment Is Way to Reduce Threat Risk” Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
  • OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
  • Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
  • Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
  • Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
  • Beyond Vulnerability Management – Can You CVE What I CVE?
  • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
  • Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
  • 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
  • SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Copyright © TheCyberSecurity.News, All Rights Reserved.