Step 1: Do a Google search. Ransomware hacker goes rogue, leaks gang's plan.
Someone claiming to work with one of the most notorious ransomware gangs says they’re fed up with how extortion money is divvied up and has leaked a host of the gang's files on a hacker forum.
The files, posted to a forum frequented by Russian-speaking cybercriminals and reviewed by NBC News, include numerous instruction manuals allegedly belonging to Conti, a Russian-speaking hacker group that has attacked several hospitals, including health care chains in the U.S., and Ireland’s national system, the Health Service Executive.
In one step-by-step guide, written in Russian, members are instructed how to identify and hack victims using Cobalt Strike, software that includes a number of known hacking programs. While built for defenders to test their own systems, Cobalt Strike has become a popular tool for criminal hackers.
The guide tells members that step one is to use Google to search for a potential target company's revenue. Hackers are then instructed to find employee accounts that have the company's administrative privileges, and how to use that information to deploy ransomware that would encrypt their entire network to hold it hostage for a ransom.
/cdn.vox-cdn.com/uploads/chorus_asset/file/24987916/Mark_Zuckerberg_Meta_AI_assistant.jpg)
