Monti, the New Conti: Ransomware Gang Uses Recycled Code

A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

Analysts have discovered a ransomware campaign from a new group called Monti, which relies almost entirely on leaked Conti code to launch attacks.
The Monti group emerged with a round of ransomware attacks over the Independence Day weekend, and was able to successfully exploit the
Log4Shell vulnerability
to encrypt 20 BlackBerry user hosts and 20 servers, BlackBerrys Research and Intelligence Team reported.
After further analysis, researchers discovered that the indicators of compromise (IoCs) for the new ransomware attacks were the same as in previous
Conti ransomware attacks
, with one twist: Monti incorporates the Acrion 1 Remote Monitoring and Maintenance (RMM) Agent.
But rather than being
Conti reborn
, the researchers said they believe
Monti lifted Contis infrastructure
when it was
leaked last spring,
during February and March.
As additional ransomware-as-a-service (RaaS) solution builders and source code become leaked, either publicly or privately, we could continue to see these doppelganger-like ransomware groups proliferate, the BlackBerry team added. General familiarity with the TTPs [tactics, techniques and procedures) of known groups can help us identify any unique traits of these lookalike crews.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Monti, the New Conti: Ransomware Gang Uses Recycled Code