Conti Ransomware Group May Surprise You. A Highly Organized, Well Funded Gang With Lots of Employees!

If you thought ransomware groups were small and unsophisticated in their operations, you were wrong. The Conti ransomware leak taught us exactly the opposite: they are a highly structured and differentiated organization, not unlike a legitimate one. Brian Krebs had a great article on this.


"The Conti group’s chats reveal a great deal about its internal structure and hierarchy. Conti maintains many of the same business units as a legitimate, small- to medium-sized enterprise, including a Human Resources department that is in charge of constantly interviewing potential new hires.

Other Conti departments with their own distinct budgets, staff schedules, and senior leadership include:

Coders: Programmers hired to write malicious code, integrate disparate technologies
Testers: Workers in charge of testing Conti malware against security tools and obfuscating it
Administrators: Workers tasked with setting up, tearing down servers, other attack infrastructure
Reverse Engineers: Those who can disassemble computer code, study it, find vulnerabilities or weaknesses
Penetration Testers/Hackers: Those on the front lines battling against corporate security teams to steal data, and plant ransomware."

Highly recommended read.


Discuss it on Hackbuster’s Forum. Read it here.