The Workaday Life of the World’s Most Dangerous Ransomware Gang
The Conti ransomware gang was on top of the world. The sprawling network of cybercriminals extorted $180 million from its victims last year, eclipsing the earnings of all other ransomware gangs. Then it backed Vladimir Putin’s invasion of Ukraine. And it all started falling apart.
Conti’s implosion started with a single post on the group’s website, usually reserved for posting the names of its victims. Hours after Russian troops crossed Ukrainian borders on February 24, Conti offered its “full support” to the Russian government and threatened to hack critical infrastructure belonging to anyone who dared to launch cyberattacks against Russia.
But while many Conti members live in Russia, its scope is international. The war has divided the group; privately, some had railed against Putin’s invasion. And while Conti’s ringleaders scrambled to retract their statement, it was too late. The damage had been done. Especially because the dozens of people with access to Conti’s files and internal chat systems included a Ukrainian cybersecurity researcher who had infiltrated the group. They proceeded to rip Conti wide open.