• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
staff think conti group is a legit employer – podcast

Staff Think Conti Group Is a Legit Employer – Podcast

You are here: Home / Latest Cyber Security Vulnerabilities / Staff Think Conti Group Is a Legit Employer – Podcast
March 14, 2022

The ransomware group’s rewards – bonuses, worker of the month, efficiency testimonials & top rated-notch schooling – may be improved than yours, suggests BreachQuest’s Marco Figueroa.

Thanks to gray-hat Ukrainian hacker ContiLeaks, the Conti ransomware gang spilled its guts in late February. Considering the fact that then, scientists have been poring around the group’s secrets and techniques, which includes a huge trove of chat logs and other doxxed knowledge, including source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s administrative panels.

ContiLeaks printed these inner documents just after the ransomware group’s leaders posted an aggressively pro-Russian concept on their official web page in the aftermath of Russia’s invasion of Ukraine.

✔ Approved Seller From Our Partners
Malwarebytes Premium 2022

Protect yourself against all threads using Malwarebytes. Get Malwarebytes Premium with 60% discount from a Malwarebytes official seller SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Very last 7 days, BreachQuest published the results of its week-very long deep dive into the details. In essence, BreachQuest located that Conti Team operates like a legitimate, over-board large-tech company that hires and even fires contractors and salaried staff members alike.

The dump enabled researchers to sketch out a chart demonstrating vital figureheads and the roles they participate in to expand Conti’s organization, as well as details on:

  • Earnings and prices
  • How they recruit
  • Who are the leaders
  • Who they focus on: little as properly as huge targets
  • How they focus on and escalate attacks and how they get payments
  • How they obtain their victims
  • Undertaking Blockchain – Conti group’s hard work to make its possess altcoin and
  • A additional comprehensive being familiar with of the instruments utilised to spy on and compromise victims.

Marco Figueroa, head of solution at BreachQuest, dropped in on the Threatpost podcast to give us some of the intelligence gleaned from the leaked chat logs. People logs show that more than the course of 13 months, Conti expended about $6M on income, month to month bonuses, tooling and services.

(Introduced to you by SpecOps. Underwriters of Threatpost podcasts do not assert any editorial control in excess of content material.)

Its HR team is indicative of how skillfully Conti team conducts business enterprise: They present “employee of the month” and general performance evaluate courses.

In quick, Conti team considers by itself a genuine corporation. Lots of of its staff members don’t even know they are operating for a cybercriminal outfit. Some almost certainly select to appear the other way, but the turnover is nevertheless large.

Which is likely just one reason why Conti’s teaching elements are the finest Marco’s ever seen: The team demands to document strategies since they continually have to teach new contractors.

In reality, security groups on their own should really take the coaching, Marco suggests, to find out how the specialists productively teach their regrettably top-notch cyberattackers.

By the way, just after BreachQuest’s report was published, Marco acquired a phone get in touch with from Russia: a initially for him, he explained. Both Conti’s a admirer of  BreachQuest’s exploration, it was a incorrect number, or hey, who understands? Perhaps its HR team is expanding its outreach.

Marco got a simply call from Russia. He did not solution. Resource: Threatpost monitor seize.

You can down load the podcast down below or pay attention here. For extra podcasts, check out out Threatpost’s podcast website.

Transferring to the cloud? Uncover rising cloud-security threats along with solid advice for how to defend your assets with our No cost downloadable E book, “Cloud Security: The Forecast for 2022.” We examine organizations’ prime threats and troubles, greatest tactics for protection, and suggestions for security results in these a dynamic computing natural environment, together with useful checklists.


Some pieces of this short article are sourced from:
threatpost.com

Previous Post: «Cyber Security News Canada Cops Arrests Teen Cyber-Attack Suspect
Next Post: ‘Dirty Pipe’ Linux Flaw Affects a Wide Range of QNAP NAS Devices 'dirty pipe' linux flaw affects a wide range of qnap»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Linux botnet spreads using Log4Shell flaw
  • Another Destructive Wiper Targets Organizations in Ukraine
  • New “B1txor20” Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw
  • New Infinite Loop Bug in OpenSSL Could Let Attackers Crash Remote Servers
  • FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
  • Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters
  • NortonLifeLock and Avast merger could reduce competition, CMA warns
  • Thousands of Mobile Apps Expose User Data Via Cloud Misconfigurations
  • NSW ditches e-voting system for 2023 election
  • Kaspersky Hits Back at “Politically Motivated” BSI Advisory

Copyright © TheCyberSecurity.News, All Rights Reserved.