# The Conti Leaks | Insight into a Ransomware Unicorn **[breachquest.com/conti-leaks-insight-into-a-ransomware-unicorn/](https://www.breachquest.com/conti-leaks-insight-into-a-ransomware-unicorn/)** March 9, 2022 Marco Figueroa, Napoleon Bing, Bernard Silvestrini / March 9, 2022 ## Key Findings and Takeaways: The Conti ransomware threat actors are shown to be a multi-layered organization that operates like a company that hires and even fires contractors and salaried employees alike Key figureheads and the roles they play to grow Conti’s enterprise will be discussed Conti’s overhead costs (tracing bitcoin transactions to employees and funds dispersed for services and tools) have been detailed Project Blockchain – An effort to create their own altcoin has been discovered Operational details of Conti’s workflow reveals how they compromise, escalate, and receive payments The various tools used to spy on and compromise victims are now better documented ## Overview: Globally, groups, countries, and companies have been bracing for impact from potentially crippling attacks in the wake of last week’s announcement by the global ransomware group Conti to execute [cyberattack campaigns supporting Russia’s ongoing invasion of Ukraine.](https://www.breachquest.com/?p=2249) However, in late February 2022, the infosec community began circulating leaks provided by a Ukrainian security researcher that detail multiple years of internal chat logs and more of Conti operations. Conti is the source of a broad range of ransomware attacks, many of which have been focused on “Big Game Hunting,” looking for large payouts. However, the analysis of the leaks of the chat logs has shown that they do not limit attacks to just large companies or targets and do go after small businesses. The warnings of new attacks comes-off the heels of an anonymous tip believed to be the aforementioned Ukrainian researcher who leaked this treasure trove of data. This blog dissects the internal chat logs that illuminate how Conti’s organizational infrastructure is run details key figureheads, tooling as well as bitcoin transactions. This analysis will help organizations better understand the inner workings of Conti’s organizational infrastructure. ## I. Conti Figure Heads ----- **Stern: “The Big Boss”** Stern is the captain of the ship; he is responsible for tasking team leads, the disbursement of wages, and budgeting for the tools and services needed for the organization as a whole. Log analysis shows Stern sending over 4000 messages to various members of the organization. **Salamandra: “HR/Recruiter”** ----- The operator Salamandra is a critical part of the success of Conti, his role is one of HR department “ and helps in negotiating with new candidates and their roles. Salamandra also assists with the recruiting services and combs through resumes looking for the right candidates. Salamandra is the conduit to getting people onboarded and put in the right position to excel in their new role. **Bio: “Blogger/Negotiator”** Bio helps the teams negotiate with the victim organization and writes blogs for Conti. These blogs are usually about the compromised victims and includes their captured information, and the percentage of data released depending upon how ransom payment goes. Bio makes sure that Conti provides the decryptor key to the “customer” to honor the contract if paid in full. ----- **Mango: “Team Lead”** Mango, a very vocal leader responsible for Team C, is seen spearheading many different operations throughout the chat logs. Seen below we can see Mango informing leader Stern on his team’s burn rate for the month. **Revers: “Tech Lead”** ----- Revers is responsible for technical interviews with prospective new hires, helps with onboarding, and ensures his team and new recruits have all the equipment they need for work. **Bentley: “System Admin”** Bentley keeps track of server farms and sends requests to pay for expenses incurred while paying for multiple workers within Conti. He always makes sure that each team pays for their tooling on time and asks for crypto reports from each team lead. ----- **Twin: “Training”** Twin is the person that could potentially be the most vital part of the Conti group, he provides in-depth training and provides new recruits with different scenarios they may encounter when compromising a target’s environment. Twin is the “HOW TO PERSON” ----- ## II. Conti’s Organizational Infrastructure **Recruiting/Onboarding** Conti recruits their workers in a few different ways, the first is recommendations from current trusted workers. The other is using recruiting services to find candidates with the skillsets Conti needs to fill. One of the services that Conti uses is hhcdn.ru. This service allows Conti’s HR department to access the resume database to view potential qualified candidates’ information. An analyzed chat from HR “Salamandra” informs “Stern” that the services introduced a significant change in the pricing models but they could get a discounted rate. (hxxps://hhcdn[.]ru/file/16899324.pdf). ----- Interviewing at Conti is a bit more problematic. Conti has the interviewees wait in a chat room and gives them questions over chat and not via video. The Conti group does not have video as part of this process due to many of the candidates leaving the chat rooms before the interview begins as well as a way to maintain operational security of its members. The candidates that do pass the interview negotiate the terms of salary and the role they will have in the organization. Once they are officially hired, they go through “Newbie Induction Training”. Conti keeps the work that the new candidates will be doing vague to prevent recruits from understanding too much of the organization they are joining. Call it willful ignorance, operational security or skillful recruitment, but it looks like new candidates do not entirely understand the organization they’ve agreed to work for. This may be a contributing factor to Conti’s high turnover rate. ----- Conti understands that the turnover ratio of workers is also very high due the fact that they are running a criminal organization. The Conti Group has an HR/Recruiter that assists with the continual finding and recruitment of new candidates. Once the candidates begin working on a project, the supervisors begin with onboarding the workers that require training. This usually encompasses training manuals and one-on-one interaction. Stern, the Boss whose role we will go into his in the Conti Figure Heads section, often asks other workers, “how are you doing on recruiting people? can we start recruiting again or are we still training?” In one of the chat logs released users1-8 are training to understand how to use the tools and techniques in the Conti organization’s arsenal. We can see tl1 and tl2 providing direction for certain situations potentially affecting workstations/networks and informing the trainees what they should do if said issues arise. ----- **Conti’s Structure** Conti understands that it needs talent with skills to continue making money through its victims. The leadership of Conti provides the direction the organization will follow. With the Conti Leaks release and the ongoing war in Ukraine, we believe Conti’s leaders will be more motivated to intensify its efforts, as the rubles continue to plummet. Many analysts think that due to sanctions many Russians will be moving to bitcoin until the rubles stabilizes. The Boss, “Stern”, provides payment via bitcoin to all workers under Conti. Many of Conti’s workers ask “Stern” directly for payment via bitcoin throughout the leaks. However, in the chat logs, we also see top-level managers providing burn rate summaries of their team’s workers and asking for payment from Stern. Teams are divided into groups, and each group is assigned a team leader. If the size of the group exceeds a certain amount, the group may have multiple leaders. Team leaders are responsible for issuing work cases, helping with builds, networks, and other technical issues related to software, providing manuals and guides to newly developed software, and ensuring their workers have the support they need to succeed. The workers are explicitly required to “Listen, Do, Learn, and Ask questions, Follow the guides and instructions, complete the assigned tasks”. The screenshot below is an example of what each group’s workers are expected to do: ----- Conti is constantly hiring talent. Some messages from team leads have requests for Full Stack developers, Crypto developers, C++ developers and php developers. Once hired they are assigned to a team to create different tools like lockers, spamming, backdoor tools and/or admin panels. Many of the web applications had been previously written in php, and the released software was missing code and was almost impossible to get working. This all had to be fixed. Reverse Engineers are tasked with diffing Microsoft updates to know what changes come after system updates. A recent discussion with the boss to a team lead “We need someone to keep track of fixes from MS and the like to know what changes come after system updates, office updates, etc. Just like they track us, we need to analyze them and be aware of all the current changes right away. What do you think about that?”, they [also reverse engineer endpoint protection products to bypass protection that may tamper or](https://www.breachquest.com/?p=2263) inhibit their success in any way. The OSINT teams look for targets by collecting information from openly available sources online with various techniques. Admins assist in managing compromised enterprise networks and collecting victim information critical to their business to extract the maximum amount of payment. Testers help by evaluating and verifying that the Conti tooling does what it is supposed to do in specific environments. The chat logs reveal the daily Windows Defender signature test to ensure that Conti’s tools would not be detected. **Hunting For What Matters** When Conti compromises an organization, they follow specific processes that they’ve used in the past to ensure a foothold into the network. When the Conti group compromises Active Directory, they are looking for potentially interesting people like an admin, engineer, or [someone in IT. Many companies think that backups are sufficient, but Conti hunts for](https://www.breachquest.com/?p=2233) backup servers to [encrypt the backups as well as training manuals reveal that they know](https://www.breachquest.com/?p=2261) techniques to bypass backup storage vendors to make sure the backups are encrypted. One of the instructions that stood out the most was a section titled “HOW AND WHAT INFO TO DOWNLOAD” that they state after raising the privileges to domain admin and invoke ----- share finder, what Conti is interested in are financial documents, accounting, clients, projects, and much more. They understand that it all depends on the target organization to get the information needed for the victims to pay. ## III. Conti’s Project Blockchain In June of 2021, Stern sends a message to the channel asking, “Are there any of us who consider ourselves blockchain gurus and trendsetters? Who might know where to go in this direction and what to develop”. 21 days after his initial inquiry, he messages Logan. He lays out the direction for an altcoin (Altcoin: A coin other than Bitcoin) to build their own blockchain, and he wanted Logan to study the system, code, and working principles. Stern’s appetite to make Conti’s altcoin is shown to be a high-priority project. ----- Stern has been involved with ransomware activity for more than four years. In November of 2021, Stern stated that he was losing interest in ransomware campaigns and wanted to set his sights on blockchain technology and new projects. Stern has invested money in the blockchain department, Stern’s blockchain transactions reveal a substantial financial and [operational overlap. A security researcher tweeted Conti and Ryuk pay “stern” direct](https://twitter.com/JBurnsKoven/status/1498679108812877824) commissions from ransom victim payments. ----- The chat logs reveal in February 2022 that there is a blockchain department and the team lead is Collin. Another team lead, Mango, informed another worker that “blockchain needs people” and that the Boss approves all the expenses to try to get him to move to that department. In another conversation from Demon and Van, “you and I are exactly where on the blockchain for two years” the below screenshot shows how far they are from completing the development of their own blockchain. Based on the leaks, we can infer that they are thinking of writing the Conti’s blockchain in Rust as there are only a dozen or more altcoins written in Rust. ## IV. Conti’s Bitcoins Transaction Conti, like many other ransomware gangs, used tokens like Monero for transaction anonymity. However, it is easier for targeted organizations to get a hold of Bitcoin when dealing with ransomware groups like Conti. But what we can see when using tools like blockchain.com is the transaction history, amount, time, and bitcoin wallet addresses used to pay Conti’s ransom. We extracted a total of 255 bitcoin wallets in the Conti Leaks. We focused on the transaction history of these wallets and the amounts that were sent for Conti organizational usages like salary, tooling, and services. They are few transactions made to these Bitcoin wallets. Many of them had less than three payments in total. These wallets act like shell companies and one-off payments to other Bitcoin wallets are made because they disguise transactions, so it does not stand out from the norm. Studying the leaks, we see that Conti has spent an estimated 6 million dollars on employee salary, tooling, and professional services from January 2021 to February 2022. A tool used by Conti when dealing with Bitcoin is Segwit wallets. Segwit stands for “Segregated Witness” and these wallets use a technique while processing transactions that helps it reduce transaction fees. Segwit tackles a major problem with bitcoin’s scalability. It makes the Bitcoin blockchain lighter by storing the witness data on a sidechain, making each bitcoin transaction use 65% less data when recording transactions on the blockchain. The lighter data allows for faster transaction speeds which lead to reduced fees, and when dealing with the volume of Bitcoin that Conti deals with, this can be a great benefit. Conti transfers an immense amount of money via bitcoin. Some security researchers have estimated that Conti’s total revenue is over $2.7 billion. Ransomwhe.re has been tracking the amount of money earned by different ransomware crime groups. They have reported that since September of 2021 Conti has made a total of $50,881,191.17. Conti puts on an eminently professional façade when conducting several of their business processes. In the “Recruiting/Onboarding” section we dive into how the hiring procedure works for new recruits coming into Conti. The onboarding process might seem unprofessional and unstructured to the recruits, but Conti tries to cover that up with a legitimate HR department. The dodgy recruiting process does deter many candidates but the ones that stay are sure to be well compensated. Based on what was leaked, we can ----- estimate that there have been 485 people that have gone through the Conti system. This includes employees, victims, and potential candidates who may have declined to participate in the group. Another display of Conti’s professionalism theatrics is in their data and asset recovery process. Conti takes payment seriously; when a target pays the ransom, the recovery of the target’s assets and data will be “Priority 1” on Conti’s list. Conti even has a tech support staff on hand to assist targets and they are even willing to negotiate ransoms depending on how prominent their target is. This small display of empathy and assistance could be a factor that makes the victims more willing to pay their ransoms. ## V. Conti Armament **Trickbot** [Trickbot, is a popular modular malware botnet used for credential theft. Trickbot is spread](https://www.breachquest.com/?p=2286) [primarily through phishing campaigns, once infected victims are subject to system](https://www.breachquest.com/?p=2303) reconnaissance and follow-on ransomware and additional malware infections. **Mimikatz** Mimikatz is an open-source application that allows users to view and save credentials. Conti commonly uses Mimikatz to steal credentials and escalate privileges. **Additional Conti reference guides for Mimikatz** ----- https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/InvokeMimikatz.ps1 https://github.com/clymb3r/PowerShell/blob/master/Invoke-Mimikatz/InvokeMimikatz.ps1 https://github.com/outflanknl/Dumpert **Cobalt Strike** Cobalt Strike is used by Conti to deploy software on victim machines to perform malicious [actions. Functionality includes command execution, keylogging, file transfer, privilege](https://www.breachquest.com/?p=1671) escalation, and often the installation of Mimikatz. Conti also uses this tool for Command and Control (C2) and payload staging. Additional tools such as obfuscators are used in orchestration with Cobalt to increase Conti’s success rate. **Additional Conti references for Cobalt Strike** https://github.com/ramen0x3f/AggressorScripts https://github.com/FortyNorthSecurity/C2concealer https://bluescreenofjeff.com/2017-08-30-randomized-malleable-c2-profiles-made-easy https://github.com/tevora-threat/PowerView3-Aggressor https://github.com/gloxec/CrossC2 **Metasploit** The Metasploit framework is an open-source tool used to probe networks and endpoints for [vulnerabilities.](https://www.breachquest.com/?p=1723) ----- **Additional Resources** https://github.com/nccgroup/nccfsas/tree/main/Tools/SharpZeroLogon https://github.com/darkoperator/VeilPowerView/blob/master/PowerView/functions/Invoke-ShareFinder.ps1 **Exploited CVEs** [The Conti group has searched for exploits related to the below CVEs. The list has 31 high-](https://www.breachquest.com/?p=2264) priority CVEs that Conti has developed or has done research on. Most notably Zerologon (cve-2020-1472) a vulnerability in Windows Netlogon which allowed Conti to become ----- Domain Admin with ease has been mentioned in the chat logs. 1. cve-2015-2546 2. cve-2016-3309 3. cve-2017-0101 4. cve-2018-8120 5. cve-2019-0543 6. cve-2019-0841 7. cve-2019-1064 8. cve-2019-1069 9. cve-2019-1129 10. cve-2019-1130 11. cve-2019-1215 12. cve-2019-1253 13. cve-2019-1315 14. cve-2019-1322 15. cve-2019-1385 16. cve-2019-1388 17. cve-2019-1405 18. cve-2019-1458 19. cve-2020-0609 20. cve-2020-0638 21. cve-2020-0688 22. cve-2020-0787 23. cve-2020-0796 24. cve-2020-1472 [Zerologon] 25. cve-2021-1675 26. cve-2021-1732 27. cve-2021-21972 28. cve-2021-21985 29. cve-2021-22005 30. cve-2021-26855 31. cve-2021-34527 ## Conclusion **The Rise of Mini Conti’s** Ransomware attacks have increased steadily over the years and many groups have emerged since Covid-19 began spreading worldwide due to remote work becoming the norm. Conti is a mature and well-seasoned group that will successfully make any necessary changes to mitigate the long-term damage from these leaks. Conti is known for using spearphishing campaigns to gain access and compromise networks through low-hanging fruit ----- vulnerabilities and this tactic certainly will not change. The leaks reveal Conti s arsenal and their mindset, and researchers at BreachQuest believe that many offspring or splinter ransomware groups will appear as this level of knowledge and insight that has never before been shared. To ensure that you’re protected from threat actors like Conti it’s essential to have a modern [XDR that can defend your organization’s endpoints. Organizations must be proactive and](https://www.breachquest.com/?p=2265) take the necessary steps to ensure that your network is secure from threat actors. ## Indicators of Compromise **BITCOIN/BECH32 Addresses** bc1qwjz9p3qurgf5qnmmprhdhn8gg0d808knr9q825 bc1qlhhgzzll4uqvd60teqn92y467kc04mj74jqudv bc1qu2k6w8gf4k7e3hgwpml6vymjv93czlc7etzuy6 bc1qtjvs79cm5zghe95hr04e5cl9h2fh7x9chfmc6t 3E6GJ8Cmk7dBQE2maUisJfJNRdxB4ih1sN 1HFqLt3fbuewZe5ncJautgncS6hN1ZzX5r bc1q2pnhvfkx0x9cqh8q4z96aa50rqxxcutp65ymx8 3QdNiLEpxKWQ6SoxULAo4xc48d5otumivR bc1ql4myqe20sd0dpk5f407045qksj0gdcm278cfp5 12V63PHiX8FvEgyewX5W1D2QrdJJSawqQM 1G5wLGHbsMmbRT7CdfmBA4aeR7RNwiG8FY bc1qdshsymz4u243ku66ysdqunu4d6wamhquxc386g 1fb0f130ce271b1f62c07795089cea1e 1NqxPMSjDxEfJ2ozbFnGEoumDpL4Z8frKh 12KHi1L1KUNDjSvkG5j56FRNbFrud3ZjUUU 3JGbpCKLyNhWatqZWD2RC6Vs4kzmqtPLPW bc1qxrnwauy7dunkm3jryv3x7mun5c3c4t0s59r9e8 bc1qmdjxd98fnk83l5k8cpvc77f9rljr7942cq0sfz bc1qtk37tmu9s6556zg6d97v79hfl9xsz20ppyj4nm bc1qlms20gsjnmtkv25kp5r3jvglq5c8yzy45s6ejs 35aWyVRkYme3aKeezp6wsJVGeoYsCTH44Z bc1qc8nxs5uxh3vx4xpuxlkhkfysllg5tw9nr00spj 1DSp4woswZECAL9zdmmGeu1s7k1sGExFDh bc1qah9yltjk556w375sdqqt2d4lltg49vkprgnsw7 32zW4tVTk3SvWVvgFJUx8AYe4wGJQH6SGi bc1qdsp0axxxdcm595jq3wfap33ewmunxy33qp03cv bc1qh7k79thm9lxwtrgxlxgdqun9lsvycp5gv0yucs bc1qqefvkkldvz4t732rajkp53j82j073s6m5cku93 3NAn1bJ49deFB9MmKw1gfBVr5Vwu5KsVzr 3PyFQL2UNfzBVwCi9GYqn2vYpMeamcoQqv ----- 3LaDs8DLJCSiJDV8RYHGyk4EVjbVRvxC9A bc1qa6kcfywen34duq6msagpdv9ffcu4d2ljh5pgq bc1qve3zp5w6x858wz6v0ydxxyyktgjm4vyfja5ehz 1LYiEgq9k3xSAddbqMZcsVTayJVoKbTFub bc1q3efl4m2jcr6gk32usxnfyrxh294sr8plmpe3ye bc1qv4eevjn6va749j2ydepgahptpg5wmp2gculvgr 3PsVm4PDNhrhwnVf8rsL72mH1CcyCP3etD bc1qy2083z665ux68zda3tfuh5xed2493uaj8whdwv bc1qclzlkqq8j3ckmulye0k5xpzfymsxxha735mlauf bc1qv4smajyuhyzzh0kj3r42js73qljykn4g7jmcaw bc1qqkc9220l6dqh8jlslfsc4xf6wxgkga5uv02vm5 112qJRWfQCAqKzSk3ZcQnq1A1YwqyfLbgp 12YQDqmq3t6bCKPKMRWFmqrju4UMXbcqvF bc1qt24rgc8gk3xmx6fzzdwxc2c92cmp7xa8lju4za 17mc4Qm7ka9jhQEUB5LTxP3gW3tsDYUJGQ 3M9tAMuamLcCpifaCQPSH3Th5F4VwjmyWz bc1qh83mkj8um9y7n5tqkfuyglyw9xnf55wdvn8j9q 3ESoHu87mTrFNNSNUaMVVEfT3vYwRYGfSHQ 1347fBtFzZCrPq29yjRpct5f6Kq5uHZHHy 3HrDFf1Yj95PFeSR58kCthga3p9hcz9Nmw bc1qrjdl409wyucrwnmveq50m63dvyy7d5ws6m50gg bc1qgd5ke95svytzhfkvjp2zhnlhhv42w0wqm0uhpx 3C5MYb2bZvQMSGTnDhtvJnt72ByZeFLgtN 3PNoZtKdNxnCEzdSQegBMbZiUufrL6RtL1 1H4JUerGtbh74dP2e4N2ogmATd5SR47iXN 3N4oho2uXfkFBfUAPtoPGLUXjHXqXV4vrJ bc1qphgsh952kqwcyvqexjfsmguv28dxlgd56ccnrn bc1qrqj988a305sgg2t4xcqqqlgqfzt87k5fk7a8f8 1LLRL4vZajTtpjuBh5VpBD8zUg73CHUsq3 bc1q8m55q8gvsluzfqxqz9wfgkpcwgl9zxvsqv63ua bc1qp8kjvuqpy5u5rzrfc5jalqczvulknxek6zfdyw bc1qhcfpza3zfd28g03ew485qrrsvy9jae5xvr9ydz 169J9MvXSJJJZUjarG7JXDD8qiQXZS4jj6A 1DS9DVVD4K86ppQhg8ta9XFVEaaW7NXZfA bc1q3ts2gkcfcx8a007gclltdcc47f9j4sx68cf7zn 3HqUAxCJ3yv2WNQE3MQSjRKGLAQqGRA4rq bc1q7mp0j2vq2xgt7mzha0kh8rqsp5ev3927hum30h 3KXtQMqqqNx37a5A5JTSSnZwzqoTvmxJE bc1q3stptj0pv6swqcyu6m5n74jamzmadsukn5ce7t bc1q6gj8ymnjh863gmuvh2nc3462trrvzlxf2atzxn bc1q59g25qrrqnyvcl2jdmxh9y5c0tvnxzk4c4xrl6 bc1q9l9zx5ct4apdweyxfdwq8tdza93gefvl7v766r ----- bc1qfrmrz7nx6c62qdf6gqk65yajn2k89hfy9cum44 bc1qdxrwrwlru99hr0frts6sxjkeeevc9za5k32r3zsgx bc1qdehfl7kjwy0tez8eugjwmgt8m4l6jv5hfgqk3t bc1q4qvnjchr3y9wpm78qlnr6659qrtnnt5pfgn6p5 1KkwkfQCB5VuwF8PnDHhw38EVGdCHK5fMk 3ESoHHu87mTrFNSNSNUaMVEfT3vYwRYGfSHQ bc1qlc0sla88psaxs9wyr0ef6zn30meff9zd72pncz bc1qtqtau58ej7gedrgg32u0r3vt5twnkmqkfk63l5 bc1qdxrwlru9hr0frts6sxjkeeevc9za5k32r3zsgx 3ESoHHu87mTrFNSNUaMVVEfT3vYwRYGfSHQ bc1qpelsktvc6d8tuuafqzkeuyddgdsck480s8t4th bc1qxxe0uz8dp820mnl7q5w3a2z9y4zgq9cr6smlf6 396PgCGZf7FAK5Sxmxa9NhGRZECddT2mMv bc1qg285up24wyrfd9dwrnucwnpj247g70wxz48kg9 bc1qptn5qsllcxmrndmwucelazjt0z68zkrgrlumy0 12bsh5bc7wkVSRv25Qw6x3JYzuQDpZZ4zi bc1qpaz0c4d7m0xx7xfflyf4cuk2xsuxev5vtlmvhs 36dmB68ZpeZZZZThy9SnCHoMvfqCKgZS1Grf bc1qj320zssr8lp62ruuwfp0nj56007a36n0wa63ml bc1qr3w2ntxztyznys7mjmvl6wv5ywpgvj9c7nz0xe bc1q70rw85x8m795nvkee56krg5t6nlwuh6wjl6ycg 3FHwdzaSjv2trZZHkLCrXMKypCK4BwEcuy bc1qnzg5lf5syvkldfnvxl6umstn6xk2czrstt3sk8 1G5LWXMN42ueD2eWvm4zMrhXGihghHDgMq bc1qrr9v7txnjxxrqvpajan5ssmcntp5mwdn065jks bc1qdvmlyvaq46e53r8y6e4cyj4pq8cdf8fukj82x0 bc1q3j4rq3k5d7ru85pecqtahcndkgx530e3g54633 bc1qlafd7lsrwrgfnszh5pl7tzsptcnm7jwz9zvh6a bc1qc39qwc3nl2eyh2cu4ct6tyh9zqzp9ye993c0y2 bc1qsm35q5gu8awj5cu2r3hrzecvcvs7sn8lxn2pfx bc1q9klek9z8lwdnfka6f7ltsewm44a7ulcgkunvwg 37JcnKmYGBT7H5fyWuthHnrJsQjcHrewDB bc1qed8hy4c2hz5m2dpyv7sf3q9p97lah4x5q5d28k bc1qa68vp26dapzt09xc2fd99qg9uyt90k7n6h0xmg 15gjb8F5Zd8XRKBCgVxsr8ZuVzr7yBtnCN bc1q33quvkjlvyks7d2p3v5fz5xl3j0sazrsdh7qdn5 bc1qvyp2gg6heau0whkxvzvevwantg2rcchlrumfn0 bc1q0wxas9pmy86gk2ptm3gprxcp5mdx92sed3tjhr 1GXrHar42EHxHNXM2nFkXQ5gpTMxdR5q5j bc1q5aqs5hrlt3wj5xrnj0craykgsq6h8mse3cftf8 bc1q93uacqvu2d2hv9zga7srv3jvqwjump26fcj23t 385weBHnfNfNpr4EhKCaLZTN6zGcczt4Fben ----- bc1qc2gtz9eadvr9mf2xcptyatajakx93schz35aq7 bc1qp0ncqsk5hu0d3kwq2erypdqur2yjzypdc40du8 3N4oho2uXfkFBfUAPtoPGLUXjHXqXV4vrJ 3ESoHHu87mTrFNSNNUaMVEfT3vYwRYGfSHQ bc1qp80m6ljlvqd7rvp8nrlfq93el0nzdvhelnkqqj bc1q4cjrllm405ktv2rm0jsh4ja5k8q9r7vmxfdcne bc1qn3dv97k9ks7jl9764vy5s30t9vxhvmqg3ka0jv bc1qtn42kyjuz0lc9w9gue72xr9m2a7jgsf3rk2vul bc1qr5wpxnxvqz7fy5a7a0l2qnklahdl64fqsnc49f 3MqifVVoWvgAq6L8opqHbk9jJw6vmgtN2n 1CwbkiHug1yw7HGdYxEtXk9nQFUc6GKxzj bc1qvr4p72n76sckcr69h88pazd6n76neyn93vvtpr bc1q2vtrs0tt52knglpc7qv9sydvzvmz8qegxyxaak 3CvVwhowFkkgoqEw2cZE5DmMYvsqRgtQVaH 39ApJGgEiLAV23rPbcma5Kn2yqFfzWWNNW bc1qdxrwlwru99hr0frts6sxjkeeevc9za5k32r3zsgx bc1qtsks6vals5hqdvk28gsumvsxlucypnlee9x72p bc1qj6nnpnnn9a0zquvpd35azeruseqnxfs3jtmwcv 3ESoHu87mTrFNSNNUaMVEfT3vYwRYGfSHQ 3ESoHu87mTrFNSNNUaMVVEfT3vYwRYGfSHQ bc1qc6fpzh8jkuy7l8nk44yx3dztz36ejwgkq8p5vf bc1qclzlkq8j3ckmulye0k5xpzfymsxxha735mlauf 3CPbvktjKPiWcYu4PM4oVrQhvSQjCKnR59 bc1qj320zssr8lp62pruuwfp0nj56007a36n0wa0wa63m bc1qzss3vt428z0kr6pm6sae5wtcxrfgn4edt8eetn 1FWWRT88WjYbZp4NoRNEBgTGjRxhi2J9YM 1LCEGFc6Cwe194B6gavMcZ56o2pbftXqWk 1MxtwUpH4cWAz4en4kqVNzAdx5gpk9etUC bc1qst63rewj2vmnnmftuhwg6hvy5rsce2dzlhk44n 1B8sFxkPtMqR86dkfd3rFT38A5tncCDZD8 bc1qmy0vr0dgwk8m46mxl4pucgay3k0xv03772mn59 bc1qp04ykljcchpuufsmly6dutvjd8qtg3f563xxdw 3ESoHu87mTrFNSNUaMVEfT3vYwRYGfSHQ bc1qsnhffuxzprt9tdrwcp8uk0x504ye7uecf6a4aee bc1qnm79vhfq5ss9qrsfgfgctd58w3s7hwn24lc9u bc1qtnqw53pxxp3j0a7ttuurqzuzxnn66su8svwv6k bc1qrkusavjestgd6lud0rjpr47x4vs2udpqesjsn8 bc1qasgfdqnd4rxwf4m0wjyqc3008amxvw8q2z6z4 395hQDyiBT16yt8jVVNj7WuZoQ4ouuFJcZ 3ESoHHu87mTrFNSNNUaMVVEfT3vYwRYGfSHQ bc1qwjg3qcugy8n6778783a4rrxvn4nvx58yjg07dt 1AXiwETqqQoQA52Jk5CmJkbAPuW8nR7VUYz ----- 3HKn3KR4FG5LBwPtB48axLRohpNnykyHAb 3N4oho2uXfkFkBfUAPtoPGLUXjHqXXV4vrJ 3ESoHu87mTrFNSNUaMVEfT3vYwRYGfSHQ bc1q0q5gsymkvp7vfpuexz0eq5csufxs60npza3ct5 32Bg4EsuNjxVJ9ZP2RWHv66ybZRHQotQS4 bc1qvahawe2w84mgqgspcgx4uyu0vgw6r9y96srcj2 bc1qlwef5kpsu6awedge9k3qsmthfwfq0d43kphdct 3B7AmkZ8VVhKKAAqCp4ZLNVbmGJQoZcaBc9 1GoAiu7jLbjNoVoVBvKX8Dba45G4J3BFL3tM bc1qy9s0z859gcvt62ydp9r4sy3cl83za36tjsnqpa bc1qfyxsgmc5axdd09xfv0y2j7jl0ztpj735pj8dah 1KMRTrRYZABPnCnpqhzECMhjaF5sKCyeQK 16evvEiZ6HKkKV9WAbysJfJG1Qa7DzJGUFp bc1q47tlstrwpqf8uhwwzp30483upe6havrfqv0ecj bc1qqtvk2hth8sjwwd7wfqhg9mav7x7ca9rccnnemf bc1qa2t2qweze4y545y3yj5xlaqdwwwjetsq082t0gqh 3JDKxEidX2JhmusBDB3BRaCahucEiHcK8n bc1q3hefqfvzfdnagwr9dkxphlz2xs6zem5r87hygh bc1qaljhrp7md4j4ceua7q89q40p6qxwp0fk35ztwr bc1q8qfesjc2slfwe8xv3l0rxwdexms006swf7gcur 3351LRF9NrFH5v2CMZWsCv66tv5UAjX5Gn 1hLvH27BxAPbqx3R2fMCuMPfS2gGDBJL bc1q2cjna87ayslzn63aqntt263etzxgdth55fdzjd bc1q4hxu7x9jjlx9wqx8sr6pq2gajr786gffgpw3ey bc1qxt3gt86tpyn87e8398l97m9kx3f3wrwlejdlal bc1qpwcdpjcvn4xll4jewpc8lqcfjr8tn5cj4hl23l 1DF9qtzbtja79o3yBAmgoX5wdsSSpaPD2mE bc1qa2t2qweze4y545y3j5xlaqdwwwjetsq082t0gqh bc1qk0nnkkk3sga4pjcvfx77l66etaz67m44ejahwx 1KfDPgc6CiWb6Fnin1bLWi2moX1ViXANxW bc1qggg5yarwhqde03f7qnltyzt7gnqh66xsvrmcf 1QAprZhPPZ3QkAFbo59YyxjAuHcLKduFsFn 172KVKhMqL5CU1HN884RbArzu5DDL5hwE3 bc1qam9eux249ur53hqxlraxjtspxv88gk0ncwja9 3ESoHu87mTrFNNSNUaMVEfT3vYwRYGfSHQ bc1qtqr3n2pa5h43c6pulqvr56c4gz4cw96sywdplf 3C5szwCXjPXutxe8NRQ2PJ5oQrKRZdrFuDgMmGz93ih 3QsBgNCy4UwKkYXPLSucytEY4LyddZSSN9 35Z4UipuER5ZGprGUugcoxPWWZ43RXchPX 3Jc3mTyYuRpP7hynPaStpDBPNNd8FYydzS 1NVHVhVjcPEWdUNpUjb3RaBWPw2WdvZ7JEk 1HtyXyCrshiJmLYNru7atpDMJrzG9mzwzf ----- bc1qgqwavrqna87kqvr9tn8lk0w4uhudhp0avd5g3f bc1qstc4wgx4e2aqm4rtch0sxftr4g7gfq3fg8nwe7 1KQ5tkv7NWjG2a67fP6UzTc7egE6HWAXux 3C4MVjmXVu1vjJFfg4phf55L1LAscKa8dr 15QULY9y2HJj1i85LiJGMYWChhAqnGkCSx bc1q7cd8rxvwuqgeh2ya9vk2ekr9qutthyklzkamf8 bc1qlkvs2jweujlms5jnrsllaxuq6zly4wvmxysty9 bc1q2ca6jfml0fvnke43dm5ade3hzagjyjfmyqw2p8 bc1qnf6drcfl786d70wlhfytyr5xg3qqgknlsh8dc3 bc1qmxdamtwnwts779k2jhqea4nd4ucqhnqh8tadmc bc1qjez2nzlhkmntqzhnwr7nk784pvfn6srw3fncq6 bc1qgdnyhjpsvlkyr7lwyxzpflzptzwwpjhswxdpa 1HtyXyCrshiJmLYNru7atpDMJrzG9mzwzf 1Q6SsW88b94a4P3Rxtfr4pRxvhqqJAWvEc bc1qz8g58ym9lrln4kk87g4kks3hg82hr8hc858nd3 bc1q69k8ll0jmxs4d29wztrdpn4dhyus5uh6pxqrfz bc1qyz0mpmjewkjmmd6sc5s7j2zvce3ufg04d803sv bc1qkfuf2cd87w2u2frrlgatuhvuwj6clr8zyxlrum 3ESoHHu87mTrFNSNNUaMVEfT3vYwRYGfSHQ bc1qqp7nt7m7m9fju2uflds93u9n5du78q3mhx6qss bc1qa273a36dgnrdqevnx0lftn99t2we306eu7gm2k 14HnaQfsQdtgVSNR91jLcbcKtddDfP6D bc1qw29f7cx035xaujcnhs6yjv70433cx078n923wh 3HVdGfBobqwYH4SmMtVRcKXeSwdQjF3Khv bc1qc5sn0myjvc8lj7n5xs3qdq6k9t07xn6vtew2ze bc1qfx2mxw2shaek42zdgctzljp498ur8lqvqvqzyxz bc1qdstkdj3m3cdckdmva7x5pk0qxz3ylaplun4kd4 bc1qdxrwlwru9hr0frts6sxjkeeevc9zaza5k32r3zsgx bc1qa0klunvxhwwhxp0kced63250sczjdzltvr06tu 33hiG13GTHTV2G8aZxzBJHBPBpDNevcK2B 1KBuDgmq8umdoAkdUQLp9YApeHuuKFeUWF 3PC7zJHCuTUh8oNyJud9u72J2rGH7SZwaK 3A8xNfeK2dXdDHi5PtKjZFa48HFixTqdAv bc1qf2lmqzwkv6r82j7p4nx4negk3m59drj0wg6w0 bc1qlrzkzc6nkpn9kj9krzen2rq8yfc3hc4yhcrz3h bc1qq6mq20rx2h7u77hp5azyqn9qrr2009quqvdld3 bc1qktkx0jynsfgmvlnern4zpnk8hy6u9h2zdtgtfz bc1qkqqztlxw4uwfdn2xsymu3pk3p2pltw4w7helfhk 31inPQPChryvSPEnaXrBc6kmcYH4NAqYnTR 36M8QiR4tiT2HyqUocRParhzEf7q8smXBV 393FUUZgie8iv8RxLKDuiyXx6TRCV9pmz7 33i6BL4HGNL7YSdPWDP9x2swdJinNLs5zu ----- bc1q546cv2zm9vc6mfy47t6ud98m9h058mvd6e6z8a 3Abc4kZoDruwVZu6jERirKypok1EFmZZKt bc1qtdyul6azg4lfecpkyaq3gdvpypxgz2ap8cgd5f 1PemRXvQ5nbDs6q19pCUzfd4kXVGovVoe3 3Cxt179UhfF4xkNQsytDmoJVWEJs1ERbZh bc1q9p5yyxsfwr987296yl5zselkczmp90uwzh95zl bc1qymfku42ak463uequgw3wqct0qk4jtlj2p250ck 36UqDj8hGfZTVjpURvSnKtpJnJKjhYcvuY 38ZcBm8BBEpVn4y7CkGL7yyyYPKMSsEvhP bc1qd7f5t5vtadrlz0ms09qw4qqcgypgj7pnpastdd 1K4NVpT26qwtLp2yReFkgecPkqqQHVrVJd bc1qfamjhlyec63dz3gvcum7s9guu3cp5n8v3hz7ud bc1qteth4dl689n0cuh3n63r6azcagmj4wj2m9yvht bc1qvq60dqug0q9l6najzg4xtd6uxkym05tu49here bc1qedxzh30gvh7l6lrp2nf59zf9efckka2rt2r9z4 **[IP Address](https://www.breachquest.com/?p=2277)** 128.201.76.252 5.181.80.177 185.163.45.132 116.206.153.212 118.91.190.42 185.163.45.95 185.163.47.176 109.230.199.73 185.158.249.249 170.130.55.44 144.217.50.242 45.15.131.126 103.124.145.98 103.47.170.131 199.249.230.163 45.95.186.118 23.160.193.217 142.11.237.178 103.47.170.130 194.40.243.33 45.14.226.23 91.92.109.19 71.6.199.23 103.101.104.229 5.181.80.108 ----- 148.163.42.203 185.183.96.244 23.160.193.221 199.189.108.71 185.99.133.115 94.140.114.254 23.160.193.190 185.99.132.67 5.181.80.143 194.15.112.173 185.99.132.248 5.39.63.103 80.71.158.106 188.127.235.177 51.89.128.193 185.99.132.121 194.15.113.155 104.143.94.101 161.35.126.145 203.80.170.81 195.149.87.59 193.169.86.84 107.173.81.96 45.87.212.180 45.41.204.150 144.217.50.254 162.55.32.153 5.39.63.98 193.57.40.49 72.167.218.45 45.41.204.137 146.19.253.90 94.140.115.3 94.140.113.53 5.2.78.37 185.193.37.222 148.163.42.213 185.38.185.13 193.27.228.65 5.181.80.155 194.36.191.19 193.8.172.239 ----- 173.232.146.32 139.28.235.26 63.147.234.198 199.127.60.67 170.130.55.77 154.61.71.53 31.13.195.26 206.251.37.27 103.56.207.249 185.158.249.119 5.181.80.121 185.212.129.112 206.221.176.171 31.13.195.144 200.58.180.138 170.130.55.90 45.230.176.157 173.232.146.104 66.29.138.17 31.14.40.220 103.208.86.22 158.69.133.72 61.177.172.13 173.19.92.26 123.123.123.123 195.123.228.5 88.119.170.242 209.222.101.242 72.191.66.50 139.28.235.177 185.64.104.5 45.77.189.106 185.150.189.202 193.42.37.21 195.123.218.101 104.238.205.128 45.86.74.108 198.46.198.128 195.123.221.248 117.252.69.134 71.168.131.157 203.76.105.227 ----- 71.249.104.3 198.45.181.114 23.106.160.165 24.185.61.99 203.76.149.210 154.61.71.54 75.142.80.233 195.123.214.177 77.88.55.70 94.140.114.237 45.32.131.223 45.32.132.182 173.243.138.99 217.12.203.191 46.28.70.239 185.183.96.36 77.83.197.40 104.194.11.160 173.234.155.15 195.123.214.148 103.137.80.22 74.125.196.113 91.92.109.180 103.250.70.198 185.191.34.120 213.59.119.198 185.163.45.17 144.202.43.124 209.222.98.79 45.41.204.139 23.254.228.234 217.12.201.132 185.232.23.77 45.126.75.91 38.92.176.125 96.45.33.106 142.4.211.167 185.25.48.4 185.244.41.9 77.88.55.55 103.78.13.150 117.197.41.36 ----- 52.58.78.16 117.252.69.210 186.72.79.132 104.171.123.166 198.46.198.9 162.33.177.212 224.0.0.251 162.210.168.43 179.43.147.243 198.46.198.105 140.82.50.50 5.39.63.108 104.243.46.74 8.6.193.80 96.93.217.253 157.230.60.143 173.234.155.75 5.199.174.223 5.39.63.107 185.189.151.142 5.181.156.166 174.96.143.3 35.174.78.146 194.15.112.174 5.34.181.18 217.12.218.109 173.201.72.45 **Sha-256** 00343d76bff52d7bfd52b9bd7f12d7f935ca4c7a2f0ea9a0166f9668ad9f9e7d 006a03d951999f06dfc445db27905af64cad28282e5962cd0092d74294b8195d 007a0f1b66e3cc9768f10613c9fba5a2984b0f074e2945d819dcbc03b98d67f8 007b695d08486ed07c21d48163c046afbb26c3f2bcd0fdd43bd2ade6c0c69f2d 00882a8b1536d615ca2ca42907974925972b36caab20ca7c67657d1559e7fdc8 009a4a9d9d26440405334df4afee1616546b57bf918179888af64471e0a4b659 00b0497ee42657e22a3735a726959ca84657cf6dacfab02b6fb118854809db3e 00d9c2149ed2ce475d24cb6de5597c468d65757e78c4cf6d046bd5d21dc6b3ff 015b786e6e592477d2ddb6f84293f896eeb8e4da12987185ebc98d5ff6affaa0 015d851797480231bee8f9fc43b4079e6547dc49d8e3310777ed59827ed42ae4 0196d69298e796765c7e7dc4d75836a25253a286eed411c3eaf3eb8db38adf0b 01a247845af95531ef5012382ff65ef8f4fb44e78d600d15068fd767aa64ed6c 01f06eadf30fbd0a673cdf759e8177e0a54814cca94eef061c9f50f1c1626dbb ----- 021a2f4fac884300099c66496ebebd683f5505b53c212d6cdc6f6725b2f618fc 024200f6b3b401e08069d3bbb50d4132aec1318f9bb16b7410b668fc1f639e71 33a7030fc01ac2d224c7fe1e0b0dac81d6aa8de8fbd26bf564d6947e4c64a0bb 34b5f804bbcc84d1f4b81f5fdd2789f1e183305c3c25a76cb0569f68dbf5dced e39e194d3230f9ec04463af248e2a1205ae5d3188ee94d529e30c4dddb2e6b9b 08d1ad46109245202cb9dad3f20eb09be9d9031373e1003fbc2862a195d321f4 8e74990cb7d4b1794559426bf40ec6698b82e62821f58c79a56278db6acb999f 5ad3bb4b60d0574d6311d607c337139ab2fedf8420b6f733bbabf844037d8c6a 02509bb54094343832133c96fa66bc113a7a8818836acf1ac0c18f9655d8555b 43393c4b4dc45b4a736e2553cadcfae7e929b13e32b487e6e2bb316e614a647f 485a3c191731de674005bf28bb644672cfcc1bad58abb9b7d0f36d71d2973067 0a6897429c36c472c99dcd618362c20e9d44cfc721eebde3bfdaca350fecf9b0 23f6125c5a9abf96816286e434dc716c31e9cfb7bdf71d255b2726f7e169c392 2bf8e629e13f9795042ae550cf7e38bf310b889ad43ff75d1f27e603d43613b2 6db784f9883d62edd45163c84c2870dadb2ba1c6b380f9746b779a6b357a68fe 79675eb09d18511dcabcc926627f9ddb7ac14842fd0cf69e0c04b081eaee8d9f b555938b009d556c5f746ba3684f6e8a15bfb949af44251e2913f436f1465e1f 15c44153d37e8cf0f06ae5a23a6a5c689e5568340732b570fadd678e56227c37 8337958ece7568e289e94891a0f6f50cf935cc39bda18a2b7f7bee30269a95a6 bdceb5afb4cb92f1bb938948cbe496bfa3de8c8d7b1f242cb133e2b18600256b 10d7e4af4bb9a79163bf6ece25e0772dc035396f6db873afc94537fe808f8d3a 02b397325e9a1200157b0a55f59ddf6b5cd7f07e01228234fc5b4caf9242fe7e 0321ed4167cd464eebd8b0157b04235f279ef044cc16d2dc8944c0fbc9b6f04d 0395a05f39ed12658099464f57280bc3d57808c26af78a36ed958be192ed2240 00191bc4945f0272eedf0d9e6b82a3bcefb15d9d6b2083bb87b51d8bf72bdfbf 0b7eafb0e73e2bf0e0c6263824ffacbf4869f9121502264e5dc08d09183ae301 be98cf40b1ba5dafde4834ba50fb1dc697e456b9f93cb437842f5177160c9fad dc084e88f377ddd7ee21424f94f1f94b409b26ebfbfb6b8566654cc9ce71472e 018c2dcaaa95ae02fff25b303888b8f1059cbd6c6fd2879f8932d207fde061ad 161389da43d1c20a0707c05342519b531d656fb3ddf0ea96835c9adef78e677c 8c7107a167d93ea8493f8a8ae2bb5febd36c959305b6a4427090e09e1941891a 889de83f813262cd4c7f3eb3152e334893c10a648f5aab8f2303c215d661db14 d4480ca738ebfc62c1f0d31cb69d1846ac8434b06b1f3e32e94954db9eb67545 5b6a96d9b85a18b6cc77d6c2bc59d067f84f2e0448cc13bf14a7fd3c5f95bf93 89906f872b14baf8a87a59bed88a8c77e146030b8f6840ae241caab2437e8fa4 4e62a8e65df5726323918662cab614e94e7ea1a75a2cb41068c07efc74a7d2bd 3ac5fdcbb220231d252dbace57c0ac1fc1fc6149b2896636628a79c1d26b67cd 892a84154516ef80df5f1764f1629c5254795669277f5ca324a035861d774cb7 9744b85a140693e44849652f471ba7a53c213349f85e8055ae5e4233c75d1dad bf81ad343dce8b514941ffd47576b78e02b41c23aec991fd5a48ad00c67ad942 0073f6e7b8536adc7daa8f60f56b33ccbe574a0d4795d3b5b6b7713dc932952b 007ca6dfd51dc76c4deb858cc49510ede3976cbdbf8fbbbaa1a2be6b0f648a0b ----- 0099d7d6f6d6c39082b5ffa9a1311b53c8e91ef96f98ec2043689634b28e5810 00e6c2aa23d90e23f9f586cee1b17349b8c064976c639c4efbf3fe1338ce5ebf 00f0a4dcb6f5da7dff82c3db1370ca21229205b3c964a4cdae1cf483baaa2c73 01d5081dd38d40d6eb02c5922271a66bbe27aa0e3786983115884bbb2775bcdb 039e3f641c64101ec5d5a89cb19c19187fe6262b4b8cb0e3b290e51ee6ab0a4c 03e7cbe3f698c03dc8d0a5f2b6a110c3f3084dd532379c8291e9e91bddcafea5 04251c5f59c2d238ad443a6f326ee9c58d73a6371f7fe8ed31a6e3a265a39fb2 042823edf852e25a6f8cc20659fc39014f8a886593d574de4e3cf453a3795128 07d3d334a9788d06f3bec60b721acab30a1cde6ff44835717bd2b5aabe568036 09faf0b2166425a24bbc370cb3ce00a4f25c12b538ecb6d9a8d60f7f982d7b02 0b5ce2910f71a1435b6e9436f89d2c67bacfd80719cc4fe8e529f55491f680b5 0b82c14ae82bdae9002cf9e719a8ac7fd7eb92b759c6173b72defc07b27be153 0cbcb80f47b7eb681d352b929f3892c2ff18144a548c1abf71868abd0cef6803 0d1f93eed7cfb941bd75ad4c01b8f0d231955a3ac79dc9f8b9aea35647bb67fb 0d9bbac2b50f9f275a5415a43aaeb0fc0c1151a4a0dcc883f00e7f4b12211764 0ddc1af44384ab2ccae8fee4aee242ca5ec3fb7b527290e2575a9599549b1d8a 0f6819b96b6ff9e5d7b5b4dba1d2c1a4f4729197050a373f262cf75b335ab8ea Sign up for our newsletter to get more industry news and insights. Related Insights 02.26.22 Conti’s Dangerous New Phase [Read more](https://www.breachquest.com/contis-dangerous-new-phase/) ----- 02.15.22 Cybersecurity Practices for Secure Infrastructure [Read more](https://www.breachquest.com/cybersecurity-practices-for-a-secure-infrastructure/) ----- 05.17.22 Conti: Still here, Still Dangerous [Read more](https://www.breachquest.com/conti-still-here-still-dangerous/) ----- -----