The world's most dangerous hacker group is about to disappear
Conti - the world-famous ransomware gang - is said to be about to dissolve, but may switch to a new form of activity.
Conti's unusual movements were discovered by Yelisey Boguslavskiy, founder of security firm Advanced Intel, who has long monitored the group's activities. Conti is the hacker group that confronted Anonymous in February, but then had its data leaked by some insiders.
According to Boguslavskiy, since May 19, Conti's infrastructure has been shut down. The group's Tor administration system, which members use to post news, capture data and conduct blackmail negotiations, has been taken offline. The server of the Rocket service used for the group's internal communication is also down.
The only thing that still exists on the Internet is the blog Conti News. After Boguslavskiy made the information public, on May 21, this site still posted an article about the attack campaign on Costa Rica that the group was carrying out, along with the captured data. However, according to security experts, the website is only a "shell", while the server storing the data is inaccessible.
The Conti News blog was still active, but the data was inaccessible on May 22.
According to Bleeping Computer, this move by Conti is surprising, because the group is carrying out a campaign to extort tens of millions of dollars from Costa Rica. However, security experts said that the group may be rebranding and changing its operating method, with the attack on the Costa Rican government serving as just a cover for this action.
Accordingly, Conti members will be dispersed and participate in other hacker groups' activities. This will help them stay connected, while the Conti brand will be decommissioned.
According to analysts, the dissolution of Conti has long been predicted, as the group has operated increasingly recklessly and become a target of law enforcement agencies.
The group began operating in 2020, specializing in distributing ransomware targeting companies and organizations through tools such as TrickBot and BazarLoader. Gradually, the group became one of the notorious cybercriminal groups, carrying out many large-scale attacks. In 2021, Conti froze Ireland's information technology system for weeks, attacking the Irish Health Service Executive and the country's Ministry of Health.
Conti's act of "self-destruction" took place in February, when the group announced its support for Russia in its military campaign against Ukraine. Later, despite correcting the message, the group was unable to appease some members. A member of Conti decided to release more than 60,000 internal messages exchanged between January 2021 and February 27, exposing the group's activities and severely damaging its reputation.
The US government is also offering a $15 million reward for information about top members of Conti. This move is said to be the latest reason why Conti has to disband. However, according to Boguslavskiy, Conti will probably only dissolve in terms of the brand, after which the group can regroup and form another organization that is larger and more dangerous.
NEW TECHNOLOGY ELECTRONIC REPORT
Responsible agency: Union of Science and High-Tech Production and Telecommunications (HTI) - Vietnam Academy of Science and Technology
Editor in chief: Vo Tran