Ransomware
Conti
First seen: 2020-05 • Status: inactive
Conti was a huge Russian ransomware gang. When Russia invaded Ukraine, someone leaked all their internal chats and they fell apart.
Overview
Conti was one of the most prolific ransomware groups before internal leaks exposed their operations. Members scattered to form new groups.
Also Known As
Conti Ransomware
How It Spreads
- TrickBot infections
- BazarLoader
- Phishing
What It Does
- File encryption
- Data theft
- Fast encryption
Target Platforms
Windows
Detection Tips
- Watch for Conti successor groups
- Monitor leaked TTPs
MITRE ATT&CK Techniques
T1486, T1567, T1490
If You're Infected
1. Use the Conti decryptor if available