US offers $15 million for information on Conti ransomware.

The U.S. Department of State set two separate bounties for information on the Conti ransomware organized crime group, totaling $15 million.

Any information that helps identify or locate the Conti group leaders will be awarded up to $10 million. Additionally, $5 million will be awarded for any information that leads to the arrest of individuals conspiring with the Conti group.

The rewards are offered under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP) and can be claimed from any country.

Ransomware attacks

Ransomware is a type of malware that threatens to delete or publish private information unless a ransom is paid.

Total value received by ransomware attacks between the years 2016-2021 (via Chainalysis)

Ransomware attacks peaked in 2020 by reaching $692 million in total value, according to Chainalysis. The total amount paid in ransom remained over $600 million as of 2021. However, the slight decline in confiscated total value doesn’t mean that the threat is also degrading.

The report states:

“Despite these numbers, anecdotal evidence, plus the fact that ransomware revenue in the first half of 2021 exceeded that of the first half of 2020, suggests to us that 2021 will eventually be revealed to have been an even bigger year for ransomware.”

Top 10 ransomware revenue strains (via Chainalysis)

The same report breaks down the top 10 ransomware strains by revenue, where Conti takes the first place by extorting at least $180 million from its victims in 2021. 

Conti ransomware

It is estimated that the Conti ransomware group has been active for over two years and has around 350 members. It was able to collect over $2.7 billion in ransom since 2020.

According to information leaked from Conti, the group uses proprietary in-house software that is much faster than most other ransomware programs. All versions of Microsoft Windows are prone to their attacks.

On 21 April 2022, the group attacked the Government of Costa Rica and targeted at least five government agencies, including the Ministries of Finance, Science, and Technology. Conti demanded a $10 million ransom and started leaking certain information after not receiving it.

Specialists from Cyberint who analyzed Conti debunked previously confiscated in-group messages written in Russian and discovered that the group adopted a well-managed organizational structure.

Conti's organizational structure (via Cyberint)

The messages also showed that the group had physical offices in Russia, ran performance reviews, and even named an “employee of the month.”

Lotem Finkelstein, the head of threat intelligence at Check Point Software Technologies, stated:

“Our … assumption is that such a huge organization, with physical offices and enormous revenue would not be able to act in Russia without the full approval, or even some cooperation, with Russian intelligence services.”

Source: https://cryptoslate.com/us-offers-15m-for-info-on-conti-ransomware/