A Twitter user who goes online as “ContiLeaks” has leaked a newer version of Conti ransomware source code, with the last modified dates being January 25, 2021.
The source code for Conti version 3 was uploaded to Virus Total in the form of a password-protected ZIP file. The source code leak is a Visual Studio solution that allows anyone with access to compile the ransomware locker and decryptor.
ContiLeaks has been known for their leaks of information related to the Conti ransomware operation after the group sided with Russia on the invasion of Ukraine.
At the end of February, ContiLeaks released thousands of internal messages belonging to members of the Conti ransomware group, including 393 JSON files containing a total of 60,694 messages since January 21, 2021, through February 27, 2022. These messages contain various information about the gang's activities, including previously unreported victims, messages confirming the shut down of the TrickBot botnet earlier this month, private data leak URLs, bitcoin addresses, and discussions about their operations.
Several days later, the researcher shared the source code for the group's administrative panel, the BazarBackdoor API, and screenshots of storage servers, as well as additional 148 JSON files containing 107,000 internal messages since June 2020.
Cybersecurity Help’s statement on the critical situation in Ukraine
On February 24, people in many cities and towns across Ukraine woke up to the sounds of explosions and artillery fire, as the Russian Federation launched a full-scale invasion of the country. Such actions are unacceptable, political ambitions of any man aren’t worth of blood, tears, and destruction of millions of lives. We give our full support to the Ukrainian people in these hard times. No more war! Слава Україні!