Ukrainian researcher leaked the source code of Conti Ransomware

A Ukrainian researcher leaked the source for the Conti ransomware and components for the control panels.

Recently a Ukrainian researcher leaked 60,694 messages internal chat messages belonging to the Conti ransomware operation after the announcement of the group of its support to Russia. He was able to access the database XMPP chat server of the Conti group.

conti jabber leaks https://t.co/0FzXiXhI2d

— conti leaks (@ContiLeaks) February 27, 2022

https://t.co/nwmOn69BUf here is the english translation

— TheParmak (@theparmak) February 28, 2022

Clearly, the attack against the Conti ransomware and the data leak is retaliation for its support for the Russian invasion of Ukraine.

The attack will have a significant impact on the operation of the gang, considering also that many Conti’s affiliates are Ukrainian groups.

The researchers who leaked the data belonging to Conti’s communications announced more dumps are coming, and now he is leaking the source for their ransomware, including the administrative console.

According to BleepingComputer, the researcher leaked additional 148 JSON files containing 107,000 internal messages since June 2020, a time-lapse that covers the entire life of the group since its launch.

The leaked data in this second round include the source code for the Conti ransomware encryptor, decryptor, and builder, along with the administrative panel and the BazarBackdoor API.

https://t.co/fndSSAY9Bs – conti source without locker src.

— conti leaks (@ContiLeaks) March 1, 2022

The source code for the ransomware is contained in a password-protected archive, despite the researcher did not leak the password, another expert cracked it and share it.

The public availability of the source code could temporarily destroy the Conti ransomware operation because security experts could perform reverse engineering to determine how it works and develop a working decrypted.

On the other side, other threat actors could perform reverse engineering to develop their own version of the threat, a circumstance that opens to worrisome scenarios.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Conti Ransomware)

The post Ukrainian researcher leaked the source code of Conti Ransomware appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt