How I Cracked CONTI Ransomware Group’s Leaked Source Code ZIP File

Wade Hickey
Mar 1, 2022


1. The leaker posted the full ZIP, protected with a password.

2. The leaker then posted a ZIP without the locker and without a password.

3. Grab some known plaintext from the second archive, and you can crack the first with bkcrack.

4. Now let’s crack the original password.

VirusTotal:
conti_locker_v2.zip
conti_locker.7z
unlocked_conti_leak.zip

It’s amazing what the ransomware operators know about cryptography…
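
Step 3 works because legacy ZIP encryption (ZipCrypto), the scheme bkcrack targets, is open to a known-plaintext attack. As an added example (not from the original post), this Python script checks an archive for that exposure: it lists the entries that use ZipCrypto and whose contents also appear unencrypted in a second archive. The function names and the sample header records are constructed for illustration.

```python
import zipfile

ENCRYPTED = 0x1   # general-purpose flag bit 0: entry is encrypted
AES_METHOD = 99   # compression method 99 marks WinZip AES (AE-1/AE-2)

def scheme(info):
    """Classify one entry's protection from its central-directory record."""
    if not info.flag_bits & ENCRYPTED:
        return "none"
    return "aes" if info.compress_type == AES_METHOD else "zipcrypto"

def exposed_entries(protected, public):
    """Names of ZipCrypto entries whose contents also exist unencrypted.

    ZipCrypto leaves CRC-32 and uncompressed size readable in the headers,
    so an identical file in any unprotected archive shows up as a match.
    """
    known = {(i.CRC, i.file_size) for i in public
             if scheme(i) == "none" and i.file_size > 0}
    return [i.filename for i in protected
            if scheme(i) == "zipcrypto" and (i.CRC, i.file_size) in known]

def audit(protected_path, public_path):
    """Run the check on two archives on disk (only headers are read)."""
    with zipfile.ZipFile(protected_path) as a, zipfile.ZipFile(public_path) as b:
        return exposed_entries(a.infolist(), b.infolist())

def _entry(name, crc, size, flags=0, method=zipfile.ZIP_DEFLATED):
    """Build a constructed header record so the example runs offline."""
    e = zipfile.ZipInfo(name)
    e.CRC, e.file_size, e.flag_bits, e.compress_type = crc, size, flags, method
    return e

# Constructed sample data: names, CRCs and sizes are made up.
SAMPLE_PROTECTED = [
    _entry("project/README.txt", 0x1A2B3C4D, 2048, ENCRYPTED),
    _entry("project/locker/main.cpp", 0x99887766, 9000, ENCRYPTED),
    _entry("project/notes.txt", 0x55AA55AA, 512, ENCRYPTED, AES_METHOD),
]
SAMPLE_PUBLIC = [
    _entry("project/README.txt", 0x1A2B3C4D, 2048),
    _entry("project/notes.txt", 0x55AA55AA, 512),
]

if __name__ == "__main__":
    for e in SAMPLE_PROTECTED:
        print(f"{e.filename}: {scheme(e)}")
    print("exposed:", exposed_entries(SAMPLE_PROTECTED, SAMPLE_PUBLIC))
```

Any entry this reports has plaintext that is already public; re-archiving with AES encryption instead of ZipCrypto removes the exposure.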
