Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Conti ransomware is an extremely damaging malicious actor due to the speed with which encrypts data and spreads to other systems.
The cyber-crime action is thought to be led by a Russia-based group that goes under the Wizard Spider pseudonym.
The group is using phishing attacks in order to install the TrickBot and BazarLoader Trojans in order to obtain remote access to the infected machines.
What Happened?
Those who provide information that leads to the identification of key members of the infamous Conti cybercrime gang will be eligible for rewards of up to $10 million from the United States Department of State.
The Department of State is offering a reward of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Conti ransomware variant transnational organized crime group. In addition, the Department is also offering a reward of up to $5,000,000 for information leading to the arrest and/or conviction of any individual in any country conspiring to participate in or attempting to participate in a Conti variant ransomware incident.
The Conti ransomware group has been responsible for hundreds of ransomware incidents over the past two years. The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented. In April 2022, the group perpetrated a ransomware incident against the Government of Costa Rica that severely impacted the country’s foreign trade by disrupting its customs and taxes platforms. In offering this reward, the United States demonstrates its commitment to protecting potential ransomware victims around the world from exploitation by cyber criminals. We look to partner with nations willing to bring justice for those victims affected by ransomware.
This reward is offered under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP).
The Department manages the TOCRP in close coordination with our federal law enforcement partners as part of a whole of government effort to disrupt and dismantle transnational organized crime globally, including cybercrime. More than 75 transnational criminals and major narcotics traffickers have been brought to justice under the TOCRP and the Narcotics Rewards Program (NRP) since 1986. The Department has paid more than $135 million in rewards under these programs to date.
For more information on the group listed above and the TOCRP, please see Department of State INL Transnational Organized Crime Rewards.
According to The Hacker News publication, the Department of Homeland Security described the Conti version as “the most expensive strain of ransomware ever documented.”
Conti, the creation of a Russian-based transnational organized crime group known as Gold Ulrick, is one of the most prolific ransomware cartels, having continued to strike targets around the world while simultaneously expanding its empire by acquiring TrickBot and engaging in data extortion-related side businesses.
Following its vocal support for Russia’s invasion of Ukraine in February, the ransomware suffered a major breach of its own when its source code and internal discussions were made available to the general public. However, the leaks have had minimal effect on slowing the ship’s progress.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Dora is a digital marketing specialist within Heimdal™ Security. She is a content creator at heart - always curious about technology and passionate about finding out everything there is to know about cybersecurity.
