CONTI RANSOMWARE, MORE POWERFUL THAN YOU THINK

Ethical Debuggers
Jul 9, 2020

The word that frightens us most in the cyber world is ransomware! Big enterprises all try to protect themselves from it, but bad actors are always a step ahead, and the end result is a data breach for the organization.

There are many ransomware groups that run affiliates in the underground. Some of the popular groups out there are Sodinokibi aka REvil, Avaddon, Maze, Thanos and more. All of these ransomware operations are run by professional experts, but because of their deeds they are regarded as unethical or bad actors.

Speaking of these groups, researchers from the Carbon Black Threat Analysis Unit (TAU), a unit of VMware, have recently come across a group, the Conti ransomware operators, that really thinks out of the box.

The most powerful feature of this ransomware is that it creates 32 threads to encrypt files. In simple terms, it uses more computing resources so that at any given time 32 different hands are working on the same task. You can think of it as 32 workers building a large wall together. The point of running 32 threads simultaneously is to make encryption faster, because in the end the whole game for the ransomware is to encrypt all the data quickly so that it can demand a ransom from the victims.

These ransomware operators use the most powerful AES-256 encryption, which makes it more difficult to decrypt files.
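
Seen from the defender's side, the 32-thread behaviour described above shows up as one process rewriting many distinct files from many threads in a very short span. The sketch below is an added example, not part of the original post or of the TAU research; the event format, the sample events, the function names and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque

def make_sample_events():
    """Constructed file-write events: (timestamp_s, pid, thread_id, path).
    The format and all values are invented for this example."""
    events = []
    # pid 4100: 32 threads, each rewriting 5 different files within about 1 second
    for tid in range(32):
        for n in range(5):
            ts = 10.0 + n * 0.2 + tid * 0.001
            events.append((ts, 4100, tid, f"C:/data/t{tid}_f{n}.docx"))
    # pid 900: backup-like process, one thread, one file every 2 seconds
    for n in range(20):
        events.append((10.0 + n * 2.0, 900, 1, f"C:/backup/b{n}.bak"))
    return sorted(events)

def find_parallel_write_bursts(events, window=2.0, min_files=100, min_threads=16):
    """Return {pid: (peak_distinct_files, peak_distinct_threads)} for every
    process that, inside some `window`-second span, wrote to at least
    `min_files` distinct files from at least `min_threads` distinct threads.
    The thresholds are assumed starting points, to be tuned per environment."""
    recent = defaultdict(deque)   # pid -> events still inside the window
    flagged = {}
    for ts, pid, tid, path in events:
        q = recent[pid]
        q.append((ts, tid, path))
        # Drop events that have aged out of the sliding window.
        while q and ts - q[0][0] > window:
            q.popleft()
        files = {p for _, _, p in q}
        threads = {t for _, t, _ in q}
        if len(files) >= min_files and len(threads) >= min_threads:
            prev = flagged.get(pid, (0, 0))
            flagged[pid] = (max(prev[0], len(files)), max(prev[1], len(threads)))
    return flagged

if __name__ == "__main__":
    for pid, (files, threads) in find_parallel_write_bursts(make_sample_events()).items():
        print(f"pid {pid}: {files} files written by {threads} threads in one window")
```

Requiring both a file count and a thread count keeps a single-threaded backup or sync job, like the constructed pid 900, below the alert line even though it also touches many files over time.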
