On January 17, 2019, the US Department of Justice released an announcement that they have offered $15M to anyone with information leading to arrests and convictions in connection with a ransomware campaign. On February 20th, The FBI arrested four men connected to this scheme. They are charged with disrupting international trade by illegally accessing computers around the world and infecting them with malware such as Cryptolocker or Conti Ransomware.
The “conti ransomware victims list” is a list of all the people that have been affected by the Conti ransomware. The US government has offered $15M for information on the people behind it.
The US Department of State has offered two separate $15 million rewards for information on the Ransomware Conti organized criminal ring.
Any information that leads to the identification or location of the Conti group’s leaders might earn you up to $10 million. In addition, any information leading to the arrest of anybody plotting with the Conti gang will be given $5 million.
The awards may be collected from any country under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP).
Attacks by ransomware
Ransomware is a sort of software that demands a ransom in exchange for deleting or publishing sensitive information.
Total value received by Attacks by ransomware between the years 2016-2021 (via Chainalysis)
Attacks by ransomware peaked in 2020 by reaching $692 million in total value, according to Chainalysis. The total amount paid in ransom remained over $600 million as of 2021. However, the slight decline in confiscated total value doesn’t mean that the threat is also degrading.
According to the report:
“Despite these figures, anecdotal evidence, together with the fact that ransomware income in the first half of 2021 topped that in the first half of 2020, leads us to believe that 2021 will be shown to have been an even greater year for ransomware.”
The top ten ransomware strains by revenue (via Chainalysis)
Conti holds first position in the top 10 ransomware strains by income, extorting at least $180 million from its victims in 2021, according to the same estimate.
It is estimated that the Ransomware Conti group has been active for over two years and has around 350 members. It was able to collect over $2.7 billion in ransom since 2020.
Conti’s analysis suggests that the firm use unique in-house software that is far quicker than other ransomware programs. Their assaults may affect any version of Microsoft Windows.
The gang assaulted the Costa Rican government on April 21, 2022, and targeted at least five government institutions, including the Finance, Science, and Technology Ministries. Conti requested a $10 million ransom and began releasing material after failing to get it.
The latest from #Conti on the hack on Costa Rica’s Ministerio de Hacienda…
“If the ministry is unable to explain what is going on to its tax payers, we will. 1) We breached their vital infrastructure and acquired access to about 800 servers, “wp2Y8UeGGN pic.twitter.com
April 20, 2022 — BetterCyber (@ bettercyber_)
Conti was investigated by Cyberint, which refuted previously seized in-group correspondence written in Russian and uncovered a well-managed organizational structure.
Conti’s management structure (via Cyberint)
The mails also revealed that the company had offices in Russia, that it conducted performance appraisals, and that a “employee of the month” was chosen.
Check Point Software Technologies’ chief of threat intelligence, Lotem Finkelstein, stated:
“Our… view is that such a large business with actual offices and vast income would not be able to operate in Russia without complete consent from Russian intelligence agencies, or perhaps some assistance.”
Obtain a Competitive Advantage in the Crypto Market
Join Edge to get access to our own Discord community, as well as more exclusive material and commentary.
Snapshots of prices
For $19 per month, join today. Examine all advantages.
The “conti ransomware analysis” is a ransomware that has been around for a while, but recently the US government offered $15M for information on it. This ransomware has been known to encrypt files and demand ransom in exchange for decrypting them.