Risk Assessments/Management, Breach, Ransomware

Conti ransomware operation dismantled

Following its recent attack against Costa Rica, the Conti ransomware group has reportedly ceased operations, according to BleepingComputer. Conti had already turned off its internal infrastructure even though its ransom negotiation and data leak sites continue to be online, while rocket chat servers are in the decommissioning process, said Advanced Intel's Yelisey Boguslavskiy in a tweet. Boguslavskiy also noted that the attack on Costa Rica was only a front to the continued operations of Conti as its members began transferring to smaller ransomware operations. "The only goal Conti had wanted to meet with this final attack was to use the platform as a tool of publicity, performing their own death and subsequent rebirth in the most plausible way it could have been conceived," said Advanced Intel in a report. Despite the dismantling of Conti, the ransomware gang has teamed up with the AvosLocker, BlackByte, BlackCat, HelloKitty, and Hive ransomware operations to ensure continued attacks, the report found.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.