Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups
Discover the latest updates and insights on the ContiGang cybercrime syndicate, your go-to source for information security news and trends.
Search across headline titles and summaries.
Background for this topic.
ContiGang is a ransomware-focused cybercrime group linked to a series of high-impact intrusions targeting organizations across various sectors. The group typically gains initial access through compromised credentials or exploited vulnerabilities, then deploys ransomware to encrypt data and demands payment for decryption keys. Their operations often include double extortion tactics, threatening to leak stolen data if ransoms are not paid.
For security teams, ContiGang’s activity highlights the need for rigorous vulnerability management, especially patching known exploits that facilitate initial access. Monitoring for unusual credential use and lateral movement can help detect early-stage intrusion. Incident response plans should account for data exfiltration risks alongside encryption, emphasizing secure backups and network segmentation to limit ransomware impact and data exposure.
Weekly headline count for the current query.
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors
A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews
Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022
In a first-of-its-kind coordinated action, the U.K. and U.S. governments on Thursday levied sanctions against seven Russian nationals for their affiliation to the TrickBot, Ryuk, and Conti cybercrime operation
The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year
Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022
The U.S. State Department on Thursday announced a $10 million reward for information related to five individuals associated with the Conti ransomware group
A trio of offshoots from the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks
Enforcing the "double-extortion" technique aka pay-now-or-get-breached emerged as a head-turner last year. May 6th, 2022 is a recent example
An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices
Even as the operators of Conti threatened to overthrow the Costa Rican government, the notorious cybercrime gang officially took down their infrastructure in favor of migrating their criminal activities to other ancillary operations, including Karakurt and BlackByte
The notorious Conti ransomware gang, which last month staged an attack on Costa Rican administrative systems, has threatened to "overthrow" the new government of the country
The U.S. State Department has announced rewards of up to $10 million for any information leading to the identification of key individuals who are part of the infamous Conti cybercrime gang
An analysis of four months of chat logs spanning more than 40 conversations between the operators of Conti and Hive ransomware and their victims has offered an insight into the groups' inner workings and their negotiation techniques
The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research
Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets
Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations
Russian cybersecurity firm Kaspersky on Tuesday responded to an advisory released by Germany's Federal Office of Information Security (BSI) against using the company's security solutions in the country over "doubts about the reliability of the manufacturer." Calling that the decision was made on "political grounds," the company said it will "continue to assure our partners and customers of the
As many as 722 ransomware attacks were observed during the fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and Grief emerging as the most prevalent strains, according to new research published by Intel 471