US offers $10m reward for info on five Conti ransomware members

12 Aug 2022

Image: © Daniel Beckemeier/Stock.adobe.com

Rewards for Justice shared a photo of someone it claims to be an associate of the ransomware gang and is offering a reward to identify him and four others.

The US Department of State is offering a $10m reward for any information on five malicious cyber actors who are believed to be high-ranking members of the Conti ransomware gang.

The US has been offering rewards for information on this ransomware gang since May, including a $5m reward for any intel that leads to the arrest of anyone conspiring or attempting to participate in a Conti attack.

Yesterday (11 August), the department’s Rewards for Justice programme shared an alleged photo of an associate of the ransomware gang. The department said on Twitter that it is “trying to put a name to the face” and believes the individual is the hacker known as “Target”.

Illustration showing an image of a man with four figures next to it. A reward offer for information on the Conti ransomware gang.

A request for information by the Rewards for Justice programme. Image: US Department of State/Rewards for Justice

Conti, also known as Wizard Spider, has been linked to a group believed to be based near St Petersburg, Russia. The US has labelled it a “Russian government-linked ransomware-as-a-service (RaaS) group”.

The group’s malware is believed to be responsible for more than 1,000 ransomware operations targeting critical infrastructure around the world, from law enforcement agencies to emergency medical services and dispatch centres.

In May 2021, the Conti group was behind the HSE ransomware incident that saw more than 80pc of the IT infrastructure of healthcare services across Ireland impacted. It was said to be the most serious cyberattack ever to hit the State’s critical infrastructure.

The US Department of State previously said the Conti ransomware variant is the “costliest strain of ransomware” ever documented. The FBI estimates that, as of January 2022, there had been more than 1,000 victims of attacks associated with Conti ransomware, with victim payouts exceeding $150m.

When Russia began its invasion of Ukraine earlier this year, the Conti group declared its allegiance to the Russian government. Shortly after, a Ukrainian researcher took the cybersecurity world by storm after publishing more than 60,000 internal messages of the ransomware gang.

Raj Samani, chief scientist at cybersecurity firm Rapid7, said the latest reward offer is just “the tip of the iceberg as enforcement agencies make “considerable strides” through public-private collaboration to hold cybercriminals to account.

“Announcing a reward and revealing the details of Conti members sends a message to would-be criminals that cybercrime is anything but risk-free,” said Samani.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com