US offers $15M for info on Conti ransomware


The U.S. Department of State announced it will pay up to $15 million for information on the Conti ransomware variant.


Updated: May 7, 2022 at 5:14 pm


Cover art/illustration via CryptoSlate

The U.S. Department of State set two separate bounties for information on the Conti ransomware organized crime group totaling $15 million.

Any information that helps identify or locate the Conti group leaders will be awarded up to $10 million. Additionally, $5 million will be awarded for any information that leads to the arrest of individuals conspiring with the Conti group.

The rewards are offered under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP) and can be claimed from any country.

Ransomware attacks

Ransomware is a type of malware that threatens to delete or publish private information unless a ransom is paid.

Total value received by ransomware attacks between the years 2016-2021 (via Chainalysis)

Ransomware attacks peaked in 2020 by reaching $692 million in total value, according to Chainalysis. The total amount paid in ransom remained over $600 million as of 2021. However, the slight decline in seized total value doesn’t mean that the threat is also degrading.

The report states:

“Despite these numbers, anecdotal evidence, plus the fact that ransomware revenue in the first half of 2021 exceeded that of the first half of 2020, suggests to us that 2021 will eventually be revealed to have been an even bigger year for ransomware.”

Top 10 ransomware revenue strains (via Chainalysis)

The same report breaks down the top 10 ransomware strains by revenue, where Conti takes first place by extorting at least $180 million from its victims in 2021.

Conti ransomware

It is estimated that the Conti ransomware group has been active for over two years and has about 350 members. It was able to collect over $2.7 billion in ransom since 2020.

According to information leaked from Conti, the group uses proprietary in-house software that is much faster than most other ransomware programs. All versions of Microsoft Windows are prone to their attacks.

On 21 April 2022, the group attacked the Government of Costa Rica and targeted at least five government agencies, including the Ministries of Finance, Science, and Technology. Conti demanded a $10 million ransom and started leaking certain information for not receiving it.

🚨 #Conti's latest update on the cyberattack against Costa Rica's Ministerio de Hacienda 🇨🇷…

"If the ministry cannot explain to its tax payers what is going on, we will do it 1) we have penetrated their critical infrastructure, gained access to about 800 servers, …" 👇 pic.twitter.com/wp2Y8UeGGN

— BetterCyber (@_bettercyber_) April 20, 2022

Specialists from Cyberint who analyzed Conti exposed previously seized in-group messages written in Russian and discovered that the group adopted a well-managed organizational structure.

Conti’s organizational structure (via Cyberint)

The messages also showed that the group had physical offices in Russia, ran performance reviews, and even named an “employee of the month.”

Lotem Finkelstein, the head of threat intelligence at Check Point Software Technologies, stated:

“Our … assumption is that such a huge organization, with physical offices and enormous revenue would not be able to act in Russia without the full approval, or even some cooperation, with Russian intelligence services.”
