Security News > 2022 > June > Conti ransomware finally shuts down data leak, negotiation sites

Conti ransomware finally shuts down data leak, negotiation sites
2022-06-24 14:35

The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.

Conti left one member behind to continue leaking data and taunting Costa Rica to create a facade of a running operation while its members quietly moved to other ransomware gangs.

Even though they were pretending to still be active, the ransomware operation was not performing any further attacks, and the data leaked by this remaining Conti member was from older attacks.

To confuse researchers and law enforcement, even more, this Conti member released the same victim's data on both their site and Hive's data leak site, where he is also an affiliate.

Conti is a Russian ransomware operation that launched in the summer of 2020 after taking the place of the Ryuk ransomware.

Some of the ransomware gangs known to now include old Conti members include Hive, AvosLocker, BlackCat, Hello Kitty, and the recently revitalized, Quantum operation.


News URL

https://www.bleepingcomputer.com/news/security/conti-ransomware-finally-shuts-down-data-leak-negotiation-sites/