As BleepingComputer reports, the Conti cybercrime syndicate runs one of the most aggressive ransomware operations and is so well organized that it and its partners were able to hack more than 40 companies in just over a month.
Security researchers codenamed the hacking campaign ARMattack and described it as one of the group's "most prolific" and "extremely effective" campaigns.
ARMattack campaign
In a report shared with BleepingComputer, researchers at cybersecurity firm Group-IB say that one of Conti's "most productive campaigns" in the past year occurred between November 17 and December 20, 2021. They discovered the group's month-long hacking spree during incident response activities and dubbed it ARMattack, based on a domain name that exposed the gang's infrastructure.
During the campaign, Conti group partners managed to compromise more than 40 organizations in various fields of activity, operating in a large geographical region, but with a focus on companies based in the USA.
At the top of the ransomware game
Conti is currently one of the top three ransomware groups in terms of attack frequency, ranking second behind LockBit this year according to data from Q2022 859. Since the group came into the public eye, the list of victims who were attacked with Conti ransomware and did not pay the attacker has risen to 35, though the actual number is likely significantly higher, as the count is based only on data published on the group's leak site. Judging by that number alone, Conti released data from about XNUMX organizations on average each month because these companies didn't pay any ransom.
More at BleepingComputer.com