Cyber Security

US offers $15 million reward for info on the Conti ransomware gang

The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang.

Up to $10 million of this reward are offered for info on Conti leaders’ identity and location, and an additional $5 million for leading to the arrest and/or convictions of individuals who conspired or attempted to participate in Conti ransomware attacks.

According to a statement issued by State Department spokesman Ned Price, Conti has hit more than 1,000 victims who paid over $150 million in ransoms until January 2022.

“The Conti ransomware group has been responsible for hundreds of ransomware incidents over the past two years,” Price said Friday.

“The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

In November, the US State Department has also offered rewards of up to $15 million for information on the REvil (Sodinokibi) and Darkside ransomware operations.

The rewards are offered as part of the Department of State’s Transnational Organized Crime Rewards Program (TOCRP). Since 1986, the Department has paid over $135 million in rewards under this program.

Those who can provide this information can submit tips to the FBI at https://tips.fbi.gov or using the FBI’s Electronic Tip Form.

The Conti ransomware group

Conti is a Ransomware-as-a-Service (RaaS) operation linked to the Russian-speaking Wizard Spider cybercrime group (also known for other notorious malware, including Ryuk, TrickBot, and BazarLoader).

The cybercrime gang’s victims include Ireland’s Health Service Executive (HSE) and its Department of Health (DoH), asking the former to pay a $20 million ransom.

The FBI also warned in May 2021 that Conti operators tried to breach over a dozen US healthcare and first responder organizations.

In August 2021, a disgruntled affiliate leaked Conti’s training materials, including info on one of its operators, a manual on deploying various malicious tools, and numerous help documents allegedly provided to the group’s affiliates.

According to analysts from multiple cybersecurity firms, Conti is now managing various side businesses meant to sustain its ransomware operations or pay for initial network access when needed.

One such side operation is the recently emerged Karakurt data extortion group, active since at least June 2021 and recently linked to Conti by researchers from Advanced Intelligence, Infinitum, Arctic Wolf, Northwave, and Chainalysis, as the cybercrime gang’s data extortion arm. 

Source: https://www.bleepingcomputer.com/news/security/us-offers-15-million-reward-for-info-on-the-conti-ransomware-gang/

Advertisement. Scroll to continue reading.
Click to comment

You May Also Like

Cyber Security

State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the...

Cyber Security

North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe...

Cyber Security

The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in...

Cyber Security

Using a vulnerability in MOVEit Transfer, hackers gained access to 8 to 11 million individuals’ ‘Users Data’ protected health information. Maximus, a US government contracting...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version