Conti Ransomware V. 3, Including Decryptor, Leaked

The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code.

Pro-Ukraine security researcher @ContiLeaks yesterday uploaded a fresher version of Conti ransomware than they had previously released – specifically, the source code for Conti Ransomware V3.0 – to VirusTotal.

ContiLeaks posted a link to the code on Twitter. The code includes a compiled locker and decryptor, according to vx-underground, which has been archiving the leaks.

The archive is password-protected, but the password is easy to figure out, according to replies to ContiLeaks’ release.

source conti v3. https://t.co/1dcvWYpsp7

— conti leaks (@ContiLeaks) March 20, 2022

ContiLeaks followed up in a few hours by thumbing their nose at the pro-Russia law enforcement that the researcher said is looking for them in the UA – presumably, a reference to the United Arab Emirates.

“i can tell you good luck mf!” ContiLeaks tweeted, using another acronym that probably doesn’t need explaining.

Crap Code?

The code is apparently legitimate.

BleepingComputer compiled the newly released source code for Version 3 of Conti ransomware without any issues, successfully creating the gang’s executables for encrypting and decrypting files.

But just because it works doesn’t

Read More: https://threatpost.com/conti-ransomware-v-3-including-decryptor-leaked/179006/