According to the new Conti leaks, the notorious ransomware organization has been developing firmware attacks targeting the Intel Management Engine (ME). A Ukrainian hacker began publishing material taken from the cybercrime organization in late February, after Conti showed support for Russia during its invasion of Ukraine.
The information included chat logs, credentials, email addresses, C&C server details, and malware source code. The evidence revealed that the cybercrime ring ran like any other business, with contractors, workers, and HR issues.
The Conti group has been researching firmware-based attacks, notably those targeting Intel ME, according to a study of the stolen chats by firmware and hardware security startup Eclypsium. Intel ME includes capabilities such as out-of-band management and anti-theft security for computers with Intel processors.