The U.S. Department of State announced last week that it is offering a $10,000,000 bounty for information on the identification or location of five highly ranked members of Wizard Spider, the Conti ransomware syndicate. Since the emergence of Conti in 2020, the ransomware strain has been weaponized against hospitals, governments, and businesses, with the FBI estimating $180,000,000 in ransomware payouts. Specifically, the Department of State is looking for information on the following key members of the Conti group: Professor, Reshaev, Tramp, Dandis, and Target. An image of the member “Target” was shared last Thursday, being the first time a Conti operator has been identified by the U.S. government.

What is Conti Ransomware?

A rebranding on the Ryuk ransomware variant, Conti runs a ransomware-as-a-service (RaaS) operation, developing ransomware code for other hacking groups to use. The malicious program encrypts data and spreads to multiple systems, making it difficult to contain, seeing that there are no guarantees that system and file access will be granted even after paying the actor. The group has a website where any leaked/extracted documents are published, with the data of hundreds of different sectors and organizations shared.

Conti’s More Notorious Attacks

The group has grown into a dangerous syndicate, given their recent participation in cyber warfare and infiltrating of 27 government institutions in Costa Rica for $20,000,000. President Rodrigo Chavez has retaliated, declaring war with the ransomware syndicate. Ireland was targeted by this string of high-profile attacks in 2021 when the government healthcare system was attacked, with the group also demanding $20,000,000 in ransom. This happened in 2020 as well, when the group pledged to side with Russia in its war against Ukraine, which was eventually shutdown after a Conti member leaked the ransomware’s source code.

The U.S. Department of State’s Rewards for Justice program is not just limited to the $10,000,000 bounty for information on Conti ransomware members, but is also offering bounties for information on REvil and Evil Corp ransomware groups. Rewards for Justice also makes it clear that the U.S. government is not only hunting Conti and REvil members, but anyone participating in malicious cyber attacks against critical U.S. infrastructure.

Click HERE to more about our Ransomware Prevention and Recovery Services! We are available 24×7 to assist you with any of your ransomware needs.

Latest Ransomware Related Blogs

Ransomware impact on customer trust. lose-up of hands on a laptop keyboard with glowing code and digital particles floating around, giving a high-tech, programming or hacking impression.
Cloud ransomware vulnerability assessment. A hand holds a smartphone above an open laptop. On the laptop screen is a vivid red warning symbol with an exclamation mark inside a triangle, along with icons for email and settings. White arrows labeled "IN" and "OUT" point between the phone and laptop, suggesting a file upload or data transfer in progress. The scene conveys a cyberattack, security breach, or phishing warning.
Ransomware risk management framework. A professional wearing a blue shirt is interacting with a virtual, transparent interface emerging from their laptop. They use a stylus pen, suggesting precise control. Floating around their hands are various icons symbolizing technology, including cloud services, data analytics, global connectivity, finance or banking, and artificial intelligence. The image conveys the themes of digital transformation, data analysis, and secure management through technology.
Ransomware preparedness audits. A person dressed professionally is sitting at a laptop, typing on the keyboard. Around the laptop, there are virtual icons floating in the air, labeled with things such as problem-solving (a lightbulb icon), decision-making (gear icons with check and cross marks), and risk assessment (represented by a notepad icon). This image highlights a person engaged in analytical or cybersecurity-related work, emphasizing thoughtful decision-making.
Ransomware Rescue
Contact Alvaka