In late January 2022, ThreatLabz identified an updated version of Conti ransomware as part of the global ransomware tracking efforts. This update was released prior to the massive leak of Conti source code and chat logs on Februrary 27, 2022. The leaks were published by a Ukrainian researcher after the invasion of Ukraine. However, since these leaks were published, the Conti gang has continued to attack organizations and conduct business as usual. While two versions of Conti source code have been leaked, the most recent ransomware code has not yet been leaked. This blog will highlight the most recent changes to the ransomware and how Conti improved file encryption, introduced techniques to better evade security software, and streamlined the ransom payment process…
