DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
DragonForce, a ransomware group using Conti’s code, has adopted a cartel model to expand and recruit
Discover the latest updates and insights on the ContiGang cybercrime syndicate, your go-to source for information security news and trends.
Search across headline titles and summaries.
Background for this topic.
ContiGang is a ransomware-focused cybercrime group linked to a series of high-impact intrusions targeting organizations across various sectors. The group typically gains initial access through compromised credentials or exploited vulnerabilities, then deploys ransomware to encrypt data and demands payment for decryption keys. Their operations often include double extortion tactics, threatening to leak stolen data if ransoms are not paid.
For security teams, ContiGang’s activity highlights the need for rigorous vulnerability management, especially patching known exploits that facilitate initial access. Monitoring for unusual credential use and lateral movement can help detect early-stage intrusion. Incident response plans should account for data exfiltration risks alongside encryption, emphasizing secure backups and network segmentation to limit ransomware impact and data exposure.
Weekly headline count for the current query.
DragonForce, a ransomware group using Conti’s code, has adopted a cartel model to expand and recruit
Ukrainian national Oleksii Oleksiyovych Lytvynenko has appeared in a US court in connection with Conti ransomware charges
Mikhail Matveev, aka WazaWaka, had worked with several ransomware groups, including Babuk, Conti, Darkside, Hive and LockBit
BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines
Ukrainian police appear to have arrested a cryptor specialist with links to major ransomware groups
These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned
Between February and July, 81 victim organizations were listed on the groups' data leak sites
The firm said the tools used to attack Cisco were also deployed to compromise one of its clients
State Department offers $10m reward for info on notorious group
Researchers have observed signs of overlap between several ransomware gangs and Conti
Defunct ransomware operation was one of the most aggressive
Ivanti observed a 7.6% rise in the number of vulnerabilities tied to ransomware, most of which were exploited by Conti
The company announced that employees’ personally identifiable information was exposed in the breach
The declaration came with IT systems across several ministries rendered unusable
State Department turns up the heat on co-conspirators
The attack is believed to have been committed by Conti ransomware gang
Palo Alto claims Conti was most prolific actor last year
Report dives into recent leak of internal data on ransomware group
Milad Aslaner, senior director of cyber defense strategy at SentinelOne, warned that cyber-threats continue to increase
Two groups attacked same healthcare organization