The Conti ransomware group has effectively put a stop to their operation by shutting down its infrastructure and informing its team leaders that the brand no longer exists.
Advanced Intel's Yelisey Boguslavskiy tweeted that the gang's internal infrastructure had been shut down.
The Tor admin panels that members used to conduct negotiations and post "news" on their data leak site are currently down, according to BleepingComputer. Despite the fact that the public-facing 'Conti News' data dump and the ransom negotiation website are still available.
As per Bleeping Computer, "The agenda to conduct the attack on Costa Rica for the purpose of publicity instead of ransom was declared internally by the Conti leadership. Internal communications between group members suggested that the requested ransom payment was far below $1 million USD (despite unverified claims of the ransom being $10 million USD, followed by Conti’s own claims that the sum was $20 million USD)".
Despite the fact that the Conti ransomware brand has been retired, the cybercrime organisation will continue to play a significant role in the ransomware industry for some time.
Rather than rebranding as another large ransomware organisation, Conti leadership has collaborated with other minor ransomware gangs to carry out attacks.
Smaller ransomware gangs profit from this alliance because they have access to professional Conti pentesters, negotiators, and operators. The Conti cybercrime syndicate is able to expand its mobility and ability to dodge law enforcement more effectively by subdividing into smaller "cells" that are all monitored by the central leadership.
Conti has worked with a wide range of well-known ransomware operations, according to a study published by Advanced Intel. Conti's current members, which include negotiators, intelligence analysts, pentesters, and coders, are scattered throughout several ransomware operations. Despite the fact that they will now employ the same encryptors and negotiation sites as the other ransomware operation, they remain part of the larger Conti criminal group.
