A hacker working for Conti Ransomware has reportedly leaked some of the important document files on a hackerās forum. The intention of the hacker on revealing the plans is unclear. But security analysts state that the hacker might have gone rogue against the Conti Ransomware group as he/she might have received less or a nil amount from the extortion money when it is divided up among his/her co-criminals involved in a cyber attack campaign.
The attacker speaking Russian language leaked some instructions on how to identify a victim by doing google search and knowing details about their annual revenue and then using Cobalt Strike software to inject penetration testing software into the victimsā network and then deploy a beacon with malicious intent.
Allan Liska, a ransomware analyst from Security firm Recorded Future, authenticated the leak and stated that it belonged to the Russian speaking Conti Ransomware gang that has a history of targeting hospitals, healthcare service chains and Irelandās National Health System.
Conti Ransomware attack procedure leak shows how complicated things can turn out if the relationship between a principal gang member and affiliate hackers goes sour.
Note 1- Such leaks often garner the attention of the media. There is a good chance that the hacker might have received a minute portion of the amount from the extorted ransom that made him/her take the help of the web services to earn more by revealing the attack details of the Conti Ransomware group.
Note 2-Wonder why didnāt he/she not contact the StopRansomware.Gov website to earn a reward ranging up to $10 million thenā¦?