Cybercrime

U.S. shares photo of alleged Conti suspect, offers $10 million for intel

The U.S. State Department on Thursday said that it was offering a $10 million reward for “information leading to the identification or location” of state-sponsored hackers who attack U.S. critical infrastructure, including individuals linked to the notorious Conti ransomware gang.

The department’s Rewards for Justice program shared an image of a man it said is tied to the group who goes by the name “Target,” and said it is searching for other members who use the handles “Reshaev,” “Professor,” “Tramp,” and “Dandis.”

The image depicts a bearded man in a black jacket, who is holding a bottle and wearing a white hat with earflaps. On Twitter, Rewards for Justice mocked the man in both English and Russian.

“To the guy in the photo: Imagine how many cool hats you could buy with $10 million dollars!” Rewards for Justice tweeted. 

The announcement didn’t include many details about the individual, but it marks one of the first times that a Conti operative has been potentially unmasked. The group’s members have managed to keep a low profile despite launching brazen attacks, including one that had wide-reaching impacts on the government of Costa Rica. The State Department put out a separate $10 million bounty in May as the group held the government for ransom and threatened to “overthrow” the newly-elected president.

Later that month, the group started taking down much of its infrastructure. Cybersecurity experts said Conti would likely splinter into other ransomware operations to avoid detection by law enforcement. Conti had been linked to more than 850 attacks since 2019, according to data collected by Recorded Future, including 2021 attacks against Ireland’s Health Service Executive and hospital systems in New Zealand.

“Conti ransomware has been used to conduct more than 1,000 ransomware operations targeting U.S. and international critical infrastructure, such as law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities,” the State Department wrote in its announcement. “These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the United States.”

The State Department also highlighted the group’s ties to Russia — Conti pledged support to the Russian government following its invasion of Ukraine in February “and threatened critical infrastructure organizations of countries perceived to carry out cyberattacks or war against the Russian government,” the announcement said.

Adam Janofsky

Adam is the founding editor-in-chief of The Record by Recorded Future. He previously was the cybersecurity and privacy reporter for Protocol, and prior to that covered cybersecurity, AI, and other emerging technology for The Wall Street Journal.

Recent Posts

TikTok could face £27 million fine for failing to protect UK children’s privacy

Social media platform TikTok could face a fine of £27 million after an investigation by…

4 hours ago

IBM expands HBCU cybersecurity center program to 20 schools

IBM announced this week that it will be expanding its collaboration with Historically Black College…

4 hours ago

US Treasury carves out Iran sanctions exceptions for internet providers

The U.S. Department of Treasury said it is carving out exceptions within its stifling sanctions…

2 days ago

US Nuclear Security Administration criticized by watchdog over cybersecurity failures

The U.S. agency that maintains and modernizes the country’s nuclear stockpile was criticized by a…

3 days ago

Log4j: Senators introduce bill centered on CISA open source security efforts

A bipartisan group of senators introduced a new bill this week intended to address the…

3 days ago

7-year Android malware campaign targeted Uyghurs: report

The Uyghur community was targeted with an Android-based malware campaign for over seven years, according…

3 days ago