The State Department is offering a reward of up to $10 million for information that helps identify or locate the leaders of the Conti ransomware gang that has victimized Americans.
The department is dangling an additional $5 million for information that results in the arrest or conviction of anyone attempting to participate in a Conti cyberattack anywhere in the world.
“The Conti ransomware group has been responsible for hundreds of ransomware incidents over the past two years,” State Department spokesperson Ned Price said Friday in a statement. “The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti ransomware variant the costliest strain of ransomware ever documented.”
Conti was first observed in December 2019, according to cybersecurity company DomainTools, and it has gained notoriety in the U.S. The FBI issued an alert in May 2021 saying it discovered 16 Conti ransomware attacks targeting U.S. health care and first-responder networks within the previous year.
The ransomware group’s targets are not exclusive to the U.S. According to the State Department, Conti is responsible for a ransomware attack against Costa Rica’s government last month.
Conti also sided with the Russian government in February in its invasion of Ukraine. The group posted a message online siding with Russia before changing the message to walk back its explicit support for Russia.
Internal communications of the gang subsequently leaked, with speculation suggesting that a Ukrainian ransomware operator who disagreed with the gang’s Russian sympathizers was responsible for the revelation.
Included in the leaked internal chats were some clues that Russia may have influence over the group’s members. Christo Grozev, Russia investigator at the watchdog group Bellingcat, tweeted that the leaked info led his team to conclude that Conti targeted a Bellingcat contributor at the direction of the FSB, Russia’s Federal Security Service.
• Ryan Lovelace can be reached at firstname.lastname@example.org.
Copyright © 2022 The Washington Times, LLC.