Security News > 2022 > May > Russian Conti Ransomware Gang Threatens to Overthrow New Costa Rican Government
The notorious Conti ransomware gang, which last month staged an attack on Costa Rican administrative systems, has threatened to "Overthrow" the new government of the country.
"We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power," the group said on its official website.
"I appeal to every resident of Costa Rica, go to your government and organize rallies so that they would pay us as soon as possible if your current government cannot stabilize the situation? Maybe it's worth changing it?," the message read. The devastating attack, which took place on April 19, has caused the new government to declare a state of emergency, while the group has leaked troves of data stolen from the infected systems prior to encryption.
Conti attributed the intrusion to an affiliate actor dubbed "UNC1756," mimicking the moniker threat intelligence firm Mandiant assigns to uncategorized threat groups.
Affiliates are hacking groups who rent access to already-developed ransomware tools to orchestrate intrusions into corporate networks as part of what's called a ransomware-as-a-service gig economy, and then split the earnings with the operators.
Microsoft's security division, which tracks the cybercriminal group under the cluster DEV-0193, called Conti the "Most prolific ransomware-associated cybercriminal activity group active today."
News URL
https://thehackernews.com/2022/05/russian-conti-ransomware-gang-threatens.html
Related news
- Russian suspected Phobos ransomware admin extradited to US over $16M extortion (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- UK disrupts Russian money laundering networks used by ransomware (source)
- US charges Russian-Israeli as suspected LockBit ransomware coder (source)