A security researcher releases a new decryption tool to help some victims of the Conti ransomware fix, allowing them to recover their encrypted data for free.

Conti is one of the most notorious ransomware groups, responsible for hundreds of attacks against organizations, netting criminals over $150 million. Its victims included the Costa Rican government. national emergency declaration After systems in multiple departments were severely affected.

However, in February 2022, the Conti ransomware gang began to unfold. “Full support of the Russian government” After the invasion of Ukraine.

That statement, perhaps understandably, was not well received by many. Among them are people who historically the Conti ransomware group may have considered its partners.

In embarrassing fashion for a criminal gang that extorted millions of dollars from companies by threatening to leak data, someone claimed to be a member of the Conti group. Conti ransomware source code.

It is this source code that was used to create the modified version of the Conti ransomware, including one used by the criminal group known as MeowCorp.

Researchers at Russian antivirus company Kaspersky announced Analysis of leaked data from the Conti group, including source code, over 250 private keys, and pre-compiled decryption tools, has allowed us to create new free decryption tools for those affected.

Kaspersky believes it has discovered the private keys needed to unlock the data files of 257 corporate victims, although 14 may have already paid the ransom to the attackers.The private key and decryption code are of the latest version Kaspersky’s free RakhniDecryptor tool.

according to beeping computermost of the attacks carried out by this variant of Conti ransomware targeted Russian organizations.

It goes without saying that you should back up any important data (even encrypted) before running the decryption tool, just in case…

In May 2022, the U.S. State Department will Rewards up to $10,000,000 An additional $5 million will be paid for information that helps identify the leader of the Conti ransomware group and for information that helps arrest and/or convict gang members.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire, Inc.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog