Monti Ransomware Targets Linux in Healthcare and Financial Services

The Monti ransomware was found in June 2022 that attracted notice due to its close resemblance to the Conti ransomware, both in name and tactics, drawing attention from cybersecurity experts and organizations.

Monti ransomware group has been observed to employ tactics similar to those of the Conti team, including utilizing their TTPs and leaked source code and tools. 

Apart from this, Monti also consistently targeted the companies and posted their breaches to expose their details on a leaked site built by the operators of Monti.

After a two-month gap, the Monti ransomware gang is back again, and now it’s back with a new Linux locker targeting:

• Legal entities
• Financial services
• Government entities
• Healthcare industries