Security News > 2022 > June > Conti ransomware finally shuts down data leak, negotiation sites
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand.
Conti left one member behind to continue leaking data and taunting Costa Rica to create a facade of a running operation while its members quietly moved to other ransomware gangs.
Even though they were pretending to still be active, the ransomware operation was not performing any further attacks, and the data leaked by this remaining Conti member was from older attacks.
To confuse researchers and law enforcement, even more, this Conti member released the same victim's data on both their site and Hive's data leak site, where he is also an affiliate.
Conti is a Russian ransomware operation that launched in the summer of 2020 after taking the place of the Ryuk ransomware.
Some of the ransomware gangs known to now include old Conti members include Hive, AvosLocker, BlackCat, Hello Kitty, and the recently revitalized, Quantum operation.
News URL
Related news
- UnitedHealth confirms it paid ransomware gang to stop data leak (source)
- GhostRace – New Data Leak Vulnerability Affects Modern CPUs (source)
- Shopping platform PandaBuy data leak impacts 1.3 million users (source)
- Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise (source)
- Home Depot confirms worker data leak after miscreant dumps info online (source)
- Chipmaker Nexperia confirms breach after ransomware gang leaks data (source)
- Cerebral to pay $7 million settlement in Facebook pixel data leak case (source)