Security News > 2022 > May > Russian Conti Ransomware Gang Threatens to Overthrow New Costa Rican Government

Russian Conti Ransomware Gang Threatens to Overthrow New Costa Rican Government
2022-05-17 23:32

The notorious Conti ransomware gang, which last month staged an attack on Costa Rican administrative systems, has threatened to "Overthrow" the new government of the country.

"We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power," the group said on its official website.

"I appeal to every resident of Costa Rica, go to your government and organize rallies so that they would pay us as soon as possible if your current government cannot stabilize the situation? Maybe it's worth changing it?," the message read. The devastating attack, which took place on April 19, has caused the new government to declare a state of emergency, while the group has leaked troves of data stolen from the infected systems prior to encryption.

Conti attributed the intrusion to an affiliate actor dubbed "UNC1756," mimicking the moniker threat intelligence firm Mandiant assigns to uncategorized threat groups.

Affiliates are hacking groups who rent access to already-developed ransomware tools to orchestrate intrusions into corporate networks as part of what's called a ransomware-as-a-service gig economy, and then split the earnings with the operators.

Microsoft's security division, which tracks the cybercriminal group under the cluster DEV-0193, called Conti the "Most prolific ransomware-associated cybercriminal activity group active today."


News URL

https://thehackernews.com/2022/05/russian-conti-ransomware-gang-threatens.html