Novel Monti ransomware’s association with Conti examined

Recently discovered Monti ransomware, which emerged following the demise of the Conti ransomware operation, is having its origins investigated by security firms, reports PCMag. Intel471 researchers were unsure whether Monti is a rebranded iteration of Conti or merely a new variant based on leaked Conti ransomware source code. However, a report from BlackBerry has assessed Monti as more of a Conti copycat that emulated Conti's tactics based on the leaks in February. "While the activity of the Monti group itself seems to have been short lived, there is more we can learn from its copycat techniques. As additional Ransomware-as-a-Service (RaaS) solution builders and source code become leaked, either publicly or privately, we could continue to see these doppelganger-like ransomware groups proliferate," said BlackBerry. While the origins of Monti remain uncertain, more attacks are expected, according to Intel471. "Whether this is Conti being rebranded as Monti, in a bid to mock the former strain, or it is just another new ransomware variant on the block, it is likely we will continue to see this new variant impact businesses globally," added Intel471.