US State Division pronounces $10 million bounty after Costa Rica ransomware assault

US State Department announces $10 million bounty after Costa Rica ransomware attack


Within the wake of a large ransomware assault on the Costa Rican authorities in April, the US authorities issued a discover final week declaring a bounty probably price thousands and thousands of {dollars} on individuals concerned with the Conti ransomware used within the hack. Rodrigo Chaves Robles, Costa Rica’s just lately sworn-in president, declared a nationwide emergency because of the assault, in line with CyberScoop.

Based on BleepingComputer, the ransomware assault affected Costa Rica’s ministries of finance and Labor and Social Safety, in addition to the nation’s Social Growth and Household Allowances Fund, amongst different entities. The report additionally says that the assault affected some companies from the nation’s treasury beginning on April 18th. Hackers not solely took down among the authorities’s methods, however they’re additionally leaking information, in line with CyberScoop, which notes that just about 700GB of information has made its approach onto Conti’s web site.

The Department of State Bureau of International Narcotics and Law Enforcement Affairs (INL) Offers  Rewards of up to $10,000,000 United States dollars for Information Leading to the Identification or Location of key leaders, and up to $5,000,000 United States dollars for Information Leading to the Arrest, and/or Conviction of the Owners/Operators/A...  Conti Ransomware as a Service Group  Contact the FBI with any tips by phone or internet: Phone: +1-800-CALL-FBI +1-800-225-5324 

The US State Division says the assault “severely impacted the nation’s international commerce by disrupting its customs and taxes platforms” and affords “as much as $10 million for data resulting in the identification and/or location” of the organizers behind Conti. The US authorities can also be providing $5 million for data “resulting in the arrest and/or conviction of any particular person in any nation conspiring to take part in or trying to take part” in a Conti-based ransomware assault.

Final yr, the US supplied comparable bounties on REvil and DarkSide (the group behind the Colonial Pipeline assault). REvil is essentially regarded as defunct after the US reportedly hacked the group’s servers and the Russian authorities claimed to have arrested a number of members.

The Costa Rican authorities isn’t the one entity to fall sufferer to Conti’s ransomware. As Krebs On Safety notes, the group is especially notorious for concentrating on healthcare amenities corresponding to hospitals and analysis facilities.

The gang can also be identified for having its chat logs leaked after it declared that it totally supported Russia’s authorities shortly after the invasion of Ukraine started. Based on CNBC, these logs confirmed that the group behind the ransomware itself was having organizational points — individuals weren’t getting paid, and there have been arrests occurring. Nonetheless, like many ransomware operators, the precise software program was additionally utilized by “associates,” or different entities who used it to hold out their very own assaults.

In Costa Rica’s case, the attacker claims to be one among these associates and says that they aren’t half of a bigger crew or authorities, in line with a message posted by CyberScoop. They’ve, nonetheless, threatened to hold out “extra severe” assaults, calling Costa Rica a “demo model.”


Leave a Comment