Security News > 2022 > June > Conti ransomware finally shuts down data leak, negotiation sites

The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.
Conti left one member behind to continue leaking data and taunting Costa Rica to create a facade of a running operation while its members quietly moved to other ransomware gangs.
Even though they were pretending to still be active, the ransomware operation was not performing any further attacks, and the data leaked by this remaining Conti member was from older attacks.
To confuse researchers and law enforcement, even more, this Conti member released the same victim's data on both their site and Hive's data leak site, where he is also an affiliate.
Conti is a Russian ransomware operation that launched in the summer of 2020 after taking the place of the Ryuk ransomware.
Some of the ransomware gangs known to now include old Conti members include Hive, AvosLocker, BlackCat, Hello Kitty, and the recently revitalized, Quantum operation.
News URL
Related news
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- 8Base ransomware group leaders arrested, leak site seized (source)
- Black Basta ransomware gang's internal chat logs leak online (source)
- Data Leak Exposes TopSec's Role in China’s Censorship-as-a-Service Operations (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware thugs threaten Tata Technologies with leak if demands not met (source)