Conti RaaS group chat leaked (English translation) about firmware exploit and implant
A leaked internal XMPP (Jabber) chat from the Conti group, published by vx-underground. In it, a Conti developer describes how they intended to leverage Intel CSME (the Converged Security and Management Engine, "ME") to go further and plant an SMM implant:
Oct 29 2020
“According to the ideas, regarding the topic I’m working on: since I’m changing the flash drive, there is an idea to make not just a file dropper that runs them under the OS, but an SMM driver for remote data collection, memory dumps, etc.”
“Maybe you’ve just heard about ME; there are working PoCs for SMM.”
“In fact, I am finishing a module that can put anything into the firmware, as long as it is a driver with a file system and file drop; then you can develop an SMM driver and put it into the firmware.”
Jun 7 2021
“Hello, you’re doing well. I apologize for not answering right away; I haven’t communicated through a toad [Jabber] for a long time, so I didn’t see what you wrote. Now I am finishing a full report on the mechanism of operation of the Intel ME controller and the AMT technology based on it. I restored a bunch of undocumented commands with the help of reversing, an interaction interface dump, and fuzzing. Unfortunat