A hacker working for Conti Ransomware has reportedly leaked some of the group’s important document files on a hacker forum. The hacker’s intention in revealing the plans is unclear, but security analysts state that the hacker might have gone rogue against the Conti Ransomware group because he/she might have received little or none of the extortion money when it was divided up among the co-criminals involved in a cyber attack campaign.
The Russian-speaking attacker leaked instructions on how to identify a victim through a Google search and learn details about its annual revenue, and then how to use Cobalt Strike software to inject penetration testing software into the victim’s network and deploy a beacon with malicious intent.
Allan Liska, a ransomware analyst from security firm Recorded Future, authenticated the leak and stated that it belonged to the Russian-speaking Conti Ransomware gang, which has a history of targeting hospitals, healthcare service chains and Ireland’s National Health System.
The leak of the Conti Ransomware attack procedure shows how complicated things can become when the relationship between a principal gang member and affiliate hackers goes sour.
Note 1: Such leaks often garner the attention of the media. There is a good chance that the hacker received only a minute portion of the extorted ransom, which made him/her turn to web services to earn more by revealing the attack details of the Conti Ransomware group.
Note 2: Wonder why he/she didn’t contact the StopRansomware.Gov website to earn a reward ranging up to $10 million then…?