"FBI Issues Conti Ransomware Alert as Attacks Target Healthcare"

The FBI has released an alert about Conti ransomware following the identification of at least 16 Conti ransomware attacks against US healthcare and first responder networks, including law enforcement agencies, emergency medical services, municipalities, and more within the last year. The alert says that the operators of the Conti ransomware variant use malicious email links, attachments, or stolen Remote Desktop Protocol (RDP) credentials. Conti actors also weaponize Word files embedded with Powershell scripts, initially staging Cobalt Strike using the Word documents and then dropping Emotet onto the network, giving the attackers access to deploy the ransomware. According to an advisory published by the American Hospital Association, attacks linked to the Conti ransomware variant are believed to stem from criminal networks operating from a non-cooperative foreign jurisdiction. This article continues to discuss the FBI's alert about Conti ransomware attacks and other findings surrounding this ransomware variant.

Dark Reading reports "FBI Issues Conti Ransomware Alert as Attacks Target Healthcare"