Community Feature - @0xDISREL
Curated Intelligence member 0xDISREL has analysed and fully extracted all the tactics, techniques, and procedures (TTPs) of the Conti affiliate playbooks that were leaked in August 2021.
https://github.com/DISREL/Conti-Leaked-Playbook-TTPs/blob/main/Conti-Leaked-Playbook-TTPs.pdf
A threat actor who claimed to be a member of the Conti Ransomware-as-a-Service (RaaS) affiliate program leaked manuals used by the group, reportedly out of frustration. These manuals have proven invaluable for defenders, who now have a full understanding of how these threat actors perform the discovery and enumeration, lateral movement, and privilege escalation stages of Conti ransomware attacks, as well as the tools and techniques they use.
Curated Intel Community Features are sourced using our Member Content channel on Discord. If you have recently produced a noteworthy piece of writing, a project, a podcast, an infographic, or other CTI content, let us know!