The infamous name Conti will officially disappear from the hacker world.
The notorious ransomware group Conti has formally ceased its operations. Its infrastructure has been shut down, and the group's leaders have declared that the name Conti will never be used again.
This information was shared by Yelisey Boguslavskiy of Advanced Intel. According to him, Conti's internal infrastructure has ceased operations.
Currently, according to Boguslavskiy, the Tor administration panel used by members for negotiations and publishing news on Conti's data leak website is offline. However, the 'Conti News' data leak website and ransom negotiation websites remain online.
Furthermore, another source who spoke with BleepingComputer has received notifications that other internal services, such as the Rocket.Chat server, have ceased operations.
Conti is currently maintaining its attack on the Costa Rican government, so it is quite strange for the group to declare a cessation of operations. However, Boguslavskiy notes that the attack on Costa Rica serves as a precursor for Conti members to transition to smaller ransomware groups.
While the ransomware brand Conti is no longer present, this cybercriminal organization will continue to play a significant role in the ransomware industry for the foreseeable future.
Boguslavskiy shared with BleepingComputer that instead of rebranding as another major ransomware entity, Conti leadership has decided to collaborate with smaller ransomware gangs to carry out attacks.
As part of this collaborative relationship, a large number of Conti's experienced negotiators and operational staff will move to work for smaller ransomware groups. By reorganizing into smaller teams, Conti will increase flexibility and improve evasion of law enforcement agencies, all overseen by the leadership group.
According to reports from Advanced Intel, Conti has collaborated with various notorious ransomware groups such as HelloKitty, AvosLocker, Hive, BlackCat, Nintyyte...
Additionally, there are newly formed autonomous groups established by former Conti members solely focusing on data exfiltration rather than data encryption. Some of these autonomous groups include Karakurt, Nintyyte, and Bazarcall.
These initiatives allow existing cybercriminal organizations to continue their operations without the Conti name.
The downfall of Conti had been anticipated. Immediately after declaring allegiance to Russia, Conti came under scrutiny by cybersecurity experts worldwide. A Ukrainian expert publicly disclosed over 170,000 internal Conti messages along with the source code of Conti's encryption software.
This has caused Conti a lot of difficulties. Other hacker groups have also begun to use Conti's source code in their attacks. In fact, one hacking group even used Conti itself to target entities in Russia.
The US government considers Conti one of the most dangerous ransomware strains ever created. It has targeted thousands of victims and earned over $150 million in ransom. Conti's notorious record prompted the US government to offer rewards of up to $15 million to anyone who can identify and pinpoint the location of Conti's leadership members.
(Reference QTM)