Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity. [...]
Discover the latest updates and insights on the ContiGang cybercrime syndicate, your go-to source for information security news and trends.
Search across headline titles and summaries.
Background for this topic.
ContiGang is a ransomware-focused cybercrime group linked to a series of high-impact intrusions targeting organizations across various sectors. The group typically gains initial access through compromised credentials or exploited vulnerabilities, then deploys ransomware to encrypt data and demands payment for decryption keys. Their operations often include double extortion tactics, threatening to leak stolen data if ransoms are not paid.
For security teams, ContiGang’s activity highlights the need for rigorous vulnerability management, especially patching known exploits that facilitate initial access. Monitoring for unusual credential use and lateral movement can help detect early-stage intrusion. Incident response plans should account for data exfiltration risks alongside encryption, emphasizing secure backups and network segmentation to limit ransomware impact and data exposure.
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity. [...]
Google says some former Conti cybercrime gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). [...]
Google says some former Conti ransomware gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations (NGOs). [...]