Since its creation in 2019, the Conti ransomware group has terrorized organizations of all sizes across the globe. The cyber gang has conducted more than 1,000 ransomware campaigns, targeting critical infrastructure both in the United States and abroad. Organizations it has targeted include law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities.
The U.S. Department of State says that Conti has successfully attacked more than 400 organizations, with 290 of those in the U.S., earning more than $180 million in 2021 alone.
In an attempt to limit or shut down Conti’s activity entirely, the State Department’s Rewards for Justice (RFJ) program is offering up to $10 million for information leading to the identification or location of any person in violation of the Computer Fraud and Abuse Act (CFAA).
Conti ransomware group
If the name Conti isn’t ringing any bells, the cyber gang is a ransomware-as-a-service (RaaS) operation linked to the Russian government. It has been known to target critical infrastructure of Western allies, and has recently become involved in the situation in Ukraine.
Conti operators pledged full support to Russia when President Vladimir Putin declared he would be invading Ukraine, saying they would attack any country that attempted to intervene.
However, this did backfire a bit for Conti when one member decided they did not want to support a war. An anonymous Ukrainian security researcher, who had access to Conti’s internal systems, leaked 13 months of incredibly sensitive data. The data included Bitcoin addresses, Jabber chat logs, and negotiations