They are the most wanted hackers in the world, but their names are unknown and there is not a single photograph of them. For that reason, the State Department offers a reward of up to 10 million dollars just to identify them or know where they carry out their criminal activities.
The infamous group of hackers called Conti Ransomware has been doing their thing since 2021, making over $150 million through hijacking electronic information. ransomware) of more than 1,000 victims, including the system of tax and customs platforms of the Costa Rican government, an action that impacted its foreign trade.
Under this modality, computer criminals close the systems of institutions, companies and government agencies demanding payments, sometimes in the millions, to allow them to regain control. Victims’ computers remain locked until a digital ransom is paid, usually in the form of bitcoin.
The Federal Bureau of Investigation (FBI) points out that the mode of operation of that criminal cell is “the most expensive ever documented.” Their leaders have watched each other’s backs so effectively that until now no one knows who they are or where they are. They are believed to be operating from somewhere in Russia, but the FBI has not verified that information.
“The Conti Ransomware group has been responsible for hundreds of incidents of ransomware in the last two years,” the State Department said in a statement.
An additional payment of up to five million dollars is also offered for any information leading to the arrest or conviction of a member of the Conti Ransomware.
“By offering this reward, the United States demonstrates its commitment to protecting potential victims of the ransomware worldwide from exploitation by cybercriminals. We seek to partner with countries willing to do justice for victims affected by the ransomware”, adds the statement.
From cyber kidnapping to supporting Putin
According to the FBI, the criminal group was responsible for attacking at least 16 medical and first aid networks in the US, for which a cyber security alert was issued in September.
Both the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI had observed more than 400 attacks using the same system against organizations in the US and other countries to steal files, encrypt servers and workstations, and then demand a bailing out.
Both agencies point out that Conti leaders are likely to pay a fixed salary to those who carry out the ransomware, instead of a percentage of the profit from a successful attack.
“Malicious cybercriminals continue to target businesses, organizations and governments large and small,” Eric Goldstein, CISA’s deputy director of cybersecurity, said at the time.
The US government advises those affected not to send money to hackers. “Paying a ransom can encourage adversaries to target more organizations, encourage other criminal actors to engage in a ransomware and it does not guarantee that the victim’s files will be recovered”, he warns.
In February, Conti Ransomware waded into another arena, promising to attack the Kremlin’s enemies if they responded to the Russian invasion of Ukraine.
In a blog post, the gang said it was announcing its “full support” for President Vladimir Putin, when he had just sent troops to northern Ukraine.
“If someone decides to mount a cyber attack or any war activity against Russia, we will use all our possible resources to strike back at an enemy’s critical infrastructure,” the post said.