Carbon Black: Conti ransomware launches 32 threads at once to encrypt files

Computer security experts at Carbon Black have described the new Conti ransomware virus, which is notable for its file encryption speed and several other features.

Conti belongs to the so-called “human-driven ransomware viruses.” That is, hackers first carry out a targeted attack on the computer networks of government departments or large companies, and only then launch the virus.

To speed up file encryption, Conti starts 32 threads at once. Multithreaded viruses are not unique, but this many threads is unusual. Another feature is that the virus is controlled through a console client. For example, the virus can be “set” to encrypt only network directories, leaving files on the local computer unchanged.

“Thus, hackers can provide a targeted effect even on an infected network and attack, for example, one specific server. In addition, this tactic allows the virus to go undetected longer,” said Brian Baskin, Technical Director for Carbon Black Attack Research.

Another highlight of Conti is its use of the Windows Restart Manager component, which allows a file to be unlocked before a reboot. This lets the virus encrypt files that are normally locked by another process, such as database files. According to Carbon Black experts, this is a truly rare technique.

Like other ransomware viruses, Conti demands a ransom payment in bitcoins in exchange for a file decryption tool. There are currently no ways to decrypt files without paying a ransom.

Recently, it was reported that the Avaddon ransomware virus uses Microsoft Excel macros for distribution. In addition, earlier this month it became known that macOS users were attacked by the EvilQuest virus.
