Conti ransomware shuts down operation, rebrands into smaller units

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more.
This news comes from Advanced Intel's Yelisey Boguslavskiy, who tweeted this afternoon that the gang's internal infrastructure was turned off.

While public-facing 'Conti News' data leak and the ransom negotiation sites are still online, Boguslavskiy told BleepingComputer that the Tor admin panels used by members to perform negotiations and publish "news" on their data leak site are now offline.

In addition, BleepingComputer was told that other internal services, such as their rocket chat servers, are being decommissioned.

While it may seem strange for Conti to shut down in the middle of their information war with Costa Rica, Boguslavskiy tells us that Conti conducted this very public attack to create a facade of a live operation while the Conti members slowly migrated to other, smaller ransomware operations.
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793


This publicity function of the blog is still technically active (and this activity, as shown below, is highly strategized). At the time of this publication - May 20, 2022, Conti was even uploading anti-Americanist hate speech claiming the USA to be “a cancer on the body of the earth”. This, however, only manifests that the website became an empty shell. At the same time, the crucial operational function of Conti News which was to upload new data in order to intimidate victims to pay is defunct, as all the infrastructure related to negotiations, data uploads, and hosting of stolen data was shut down.

Source
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top