US unveils ‘Target’ image of Conti man with $10M reward offer • The Register

The US government is putting a face on an alleged member of the notorious Conti ransomware group as part of a $10 million reward for information on five members of the gang.

The State Department announced the reward through the Rewards for Justice program Twitter accountand says that it is looking for information about cyber criminals related to Conti, Wizard Spider or Trickbot. Wizard Spider in May has been identified as the Group associated with Russia behind Conti and Ryuk (which was renamed Conti in 2020) and the Trickbot botnet.

The reward notice included the aliases of the alleged attackers – “Tramp”, “Dandis”, “Professor”, “Reshaev” and “Target” – and came with a photo of a man and a message underneath it that said: “Is this the Conti- Partner known as ‘Target’?”

conti

The suspect’s face, the horrible style of clothing and the choice of bottles. click to enlarge

It’s the first time the US government has released a photo of a suspect allegedly linked to Conti, despite alleged members of other criminal gangs being pictured.

“The US government reveals the face of a Conti employee for the first time!” reads the Rewards for Justice tweet (offering counter-terrorism rewards for the US government). “We’re trying to name the face! To the guys in the photo, imagine how many cool hats $10 million could buy you!”

US authorities have poured a lot of money into their efforts to dismantle the Conti operation and find the people behind it. In May, the Ministry of Foreign Affairs announced a reward of up to $15 million for information about the masterminds behind Conti and people involved in attacks using a variant of its malware.

The government agency said at the time that Conti was the most expensive strain of ransomware on record and said that in January there were more than 1,000 victims of attacks involving Conti. Payouts from these attacks exceeded $150 million – adding up to a huge stack of investment funds for future criminal operations.

Conti

The Conti group was behind a series of high-profile attacks, including one last year Ireland’s national health system in which it demanded a ransom of $20 million. The country refused to pay and settled the issue while thousands of people suffered from the attack.

Conti also launched operations in the United States, targeting law enforcement, cities and towns, and emergency medical services in states like Oklahoma and Florida. It attacked them too Government of Costa Rica in April, disrupting the country’s customs and taxation platforms and damaging foreign trade.

Running as a ransomware-as-a-service (RaaS) operation, Conti develops and refines the code that other cybercriminals can pay for and use in their attacks. Like other ransomware operators, it has adopted extortion as part of its methods, stealing data and threatening to release it publicly if the ransom is not paid.

However, Conti was dismantled as a brand. Pressure from government agencies — including the $15 million reward offered by the State Department — and the data leak about the group following their vocal support of Russia and their unprovoked invasion of Ukraine in February contributed to the collapse of the Conti name.

However, group members were tracked to other ransomware operations, including karakurt, a gang warned by the FBI, CISA and US Treasury Department in June that is demanding ransoms of up to $13 million and is also threatening to release stolen data publicly if the ransom demand is not met becomes. ®

https://www.theregister.com/2022/08/12/conti_suspect_photo_reward/ US unveils ‘Target’ image of Conti man with $10M reward offer • The Register

Laura Coffey

World Time Todays is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – admin@worldtimetodays.com. The content will be deleted within 24 hours.

Related Articles

Back to top button