BleepingComputer reports that the Conti ransomware group has completed its shutdown with the dismantling of its two Tor servers for data leaks and ransomware negotiations.
Conti was reported by threat intelligence analyst Ido Cohen to have shut down its servers on Wednesday, with BleepingComputer confirming that the servers remained offline yesterday. Conti has been taking apart its infrastructure since last month following the exposure of its internal chats and ransomware encryptor source code while its members began transitioning to other ransomware groups but did leave one member to continue threatening Costa Rica.
"The only goal Conti had wanted to meet with this final attack was to use the platform as a tool of publicity, performing their own death and subsequent rebirth in the most plausible way it could have been conceived," said Advanced Intel in a report last month.
Despite Conti's apparent shutdown, Yelisey Boguslavskiy of Advanced Intel noted the syndicate's continued operation in smaller groups.