Privacy Ninja

US Offers $15 million Reward for Info on Conti Ransomware Gang

US Offers $15 million Reward for Info on Conti Ransomware Gang

The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang.

Up to $10 million of this reward are offered for info on Conti leaders’ identity and location, and an additional $5 million for leading to the arrest and/or convictions of individuals who conspired or attempted to participate in Conti ransomware attacks.

According to a statement issued by State Department spokesman Ned Price, Conti has hit more than 1,000 victims who paid over $150 million in ransoms until January 2022. 

“The Conti ransomware group has been responsible for hundreds of ransomware incidents over the past two years,” Price said Friday.

“The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”

Also Read: MAS Technology Risk Management Guidelines

In November, the US State Department has also offered rewards of up to $15 million for information on the REvil (Sodinokibi) and Darkside ransomware operations.

The rewards are offered as part of the Department of State’s Transnational Organized Crime Rewards Program (TOCRP). Since 1986, the Department has paid over $135 million in rewards under this program.

Those who can provide this information can submit tips to the FBI at or using the FBI’s Electronic Tip Form.

The Conti ransomware group

Conti is a Ransomware-as-a-Service (RaaS) operation linked to the Russian-speaking Wizard Spider cybercrime group (also known for other notorious malware, including Ryuk, TrickBot, and BazarLoader).

The cybercrime gang’s victims include Ireland’s Health Service Executive (HSE) and its Department of Health (DoH), asking the former to pay a $20 million ransom.

The FBI also warned in May 2021 that Conti operators tried to breach over a dozen US healthcare and first responder organizations.

Also Read: How PII Data Works In Businesses And Its Advantages

In August 2021, a disgruntled affiliate leaked Conti’s training materials, including info on one of its operators, a manual on deploying various malicious tools, and numerous help documents allegedly provided to the group’s affiliates.

According to analysts from multiple cybersecurity firms, Conti is now managing various side businesses meant to sustain its ransomware operations or pay for initial network access when needed.

One such side operation is the recently emerged Karakurt data extortion group, active since at least June 2021 and recently linked to Conti by researchers from Advanced Intelligence, Infinitum, Arctic Wolf, Northwave, and Chainalysis, as the cybercrime gang’s data extortion arm. 



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us