CONTI Virus - Details CONTI mean a ransomware-type infection. The virus comes from the Conti…
Submissions to ransomware identification site ID Ransomware also show the increased activity of Conti ransomware since June 15th.
“Since July 2020, Ryuk is no longer being deployed, and in its place, the TrickBot-linked operators, are now deploying the Conti ransomware”, — argues Vitali Kremez from Advanced Intel.
Nowadays, many ransomware operators often practice the so-called “double extortion”. For example, attackers demand a ransom from companies directly for decrypting the affected data, but before starting encryption, they also steal confidential information, and then threaten to publish it to the public if the victim does not pay a second ransom.
A notable example of such a double ransom attack is the recent incident at the University of Utah.The educational institution practically was not affected by the ransomware attack itself, but it was still forced to pay the criminals $457,000, as they threatened to disclose the personal data of the students that was stolen during the attack.
This tactic has been used by ransomware since 2019, and the operators of the ransomware Maze were the first to launch the site for leaked data. Other factions soon followed suit, including Ako, Avaddon, CLOP, Darkside, DoppelPaymer, Mespinoza (Pysa), Nefilim, NetWalker, RagnarLocker, REvil (Sodinokibi), and Sekhmet.
Now this list has been joined by the Conti ransomware, which appeared relatively recently. The group’s website has already listed 26 victim companies, many of which are very large and well-known.
For each victim, hackers create a separate page containing samples of stolen data.
Previously, the operators of this ransomware included only a message stating that the victim’s data was encrypted and provided two email addresses to contact them.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…