CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks

  /     /     /  
Publicated : 23/11/2024   Category : security

CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks


A new alert provides the technical details of ongoing attacks and guidance for organizations to secure systems against Conti.


The FBI, National Security Agency, and Cybersecurity and Infrastructure Security Agency today issued a joint alert warning of increased use of Conti ransomware, which has been seen in more than 400 attacks on US and international organizations, officials report.
Conti is considered a ransomware-as-a-service model; however, variation in its structure differentiates it from a typical affiliate model, the alert states. Its likely that Contis developers pay the attackers who deploy the ransomware a wage rather than a percentage of the proceeds, officials say.
They list multiple means that Conti actors often use to gain initial network access. These include spear-phishing campaigns that use emails containing malicious attachments or links; stolen or weak Remote Desktop Protocol credentials; phone calls; fake software promoted via search engine optimization; common flaws in external assets; or other malware distribution networks.
CISA and FBI have observed Conti actors using Router Scan, a penetration testing tool, to maliciously scan for and brute force routers, cameras, and network-attached storage devices with web interfaces, the alert states. Attackers will exploit legitimate remote monitoring and management software, as well as remote desktop software, to persist on target networks.
A
recently leaked playbook from Conti attackers
revealed that they exploit vulnerabilities in unpatched assets to escalate privileges and move laterally across a victims environment.
Read the
full alert
for more details.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
CISA, FBI, NSA Warn of Increase in Conti Ransomware Attacks