New Threat Research: The Client/Server Relationship — A Match Made In Heaven 

Read Threat Research


US State Department Offers $10 Milion Bounty for Information on Conti Ransomware Group

The US State Department has offered a $10 million reward for information related to five members of the Conti ransomware group. The reward offer is significant as it is the first time the face of a Conti associate, identified as “Target,” has been revealed. “Tramp,” “Dandis,” “Professor,” and “Reshaev” are the names given to the other four associates. Target’s involvement as a manager in the organization’s physical operations in Russia was discovered by examining the leaked conversations between Conti members in March 2022. In addition to information about the five operators, the government is asking for information about Conti’s associated groups TrickBot and Wizard Spider. Over the past two years, the transnational organized crime group Conti has been associated with hundreds of ransomware instances.

Analyst Notes

“The leaks are of an unprecedented level and show the world how a government backed, multimillion-dollar ransomware gang operates. In some fashion it was almost like a normal business; wages needed to be paid, software licenses obtained, customer service initiated, and strategic alliances had to be formed,” noted Trellix in March 2022. The Russian-based Ransomware-as-a-Service (RaaS) business is thought to have affected over 1,000 entities as of January 2022, with victim payouts reaching more than $150 million. Conti is the “most damaging strain of ransomware ever documented,” according to the State Department. Despite the dissolution of the Conti brand, its members are still in the field, carrying on their job through other ransomware and data extortion operations under several offshoots, including Karakurt, Silent Ransom, Quantum, and Roy/Zeon.