US Offers $15 million Reward for Info on Conti Ransomware Gang
The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang.
Up to $10 million of this reward are offered for info on Conti leaders’ identity and location, and an additional $5 million for leading to the arrest and/or convictions of individuals who conspired or attempted to participate in Conti ransomware attacks.
According to a statement issued by State Department spokesman Ned Price, Conti has hit more than 1,000 victims who paid over $150 million in ransoms until January 2022.
“The Conti ransomware group has been responsible for hundreds of ransomware incidents over the past two years,” Price said Friday.
“The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.”
Also Read: MAS Technology Risk Management Guidelines
The rewards are offered as part of the Department of State’s Transnational Organized Crime Rewards Program (TOCRP). Since 1986, the Department has paid over $135 million in rewards under this program.
The Conti ransomware group
The FBI also warned in May 2021 that Conti operators tried to breach over a dozen US healthcare and first responder organizations.
In August 2021, a disgruntled affiliate leaked Conti’s training materials, including info on one of its operators, a manual on deploying various malicious tools, and numerous help documents allegedly provided to the group’s affiliates.
According to analysts from multiple cybersecurity firms, Conti is now managing various side businesses meant to sustain its ransomware operations or pay for initial network access when needed.
One such side operation is the recently emerged Karakurt data extortion group, active since at least June 2021 and recently linked to Conti by researchers from Advanced Intelligence, Infinitum, Arctic Wolf, Northwave, and Chainalysis, as the cybercrime gang’s data extortion arm.