The Conti cybercriminal group is considered the most dangerous of the moment, especially by the authorities of Costa Rica. His actions pushed the country into a state of emergency.
Cybercriminal acts can sometimes take on serious proportions, and Costa Rica is taking full measure of it. Indeed, the Conti group, which specializes in ransomware, is purely and simply threatening to overthrow its government. Faced with cyberattacks from this Russian group, reputed to be the most dangerous currently in activity, the authorities were forced to declare a national state of emergency several days ago.
Conti ransomware brings an entire country to its knees
The Conti ransomware group manages to shake the world. About ten days ago, he pushed Costa Rica to enter a national state of emergency, ” due to cyberattacks suffered by the systems of different public entities “, as specified in a decree signed by the new local president, Rodrigo Chaves Robles.
On site, it all started in April with the attack on the Ministry of Finance, the extent of the damage being considerable. The Costa Rican Treasury remained for long days without a digital service, which led to a crisis that was reinforced by the sudden slowdown in the various procedures and other signatures. The tax service, essential to the country’s economy, was disrupted, as were the export and customs systems, pushing outright transactions ” by hand from another era.
The Conti Group destroyed computer systems and is now demanding $20 million in return for promising to end the attack. And again, we are not talking to you about the 670 GB of data collected and the information disclosed on the dark web.
Con-ti will not leave
Several countries have offered to help Costa Rica. This is the case of the United States, which is offering $10 million to anyone who can identify and precisely locate the leaders of the Conti group, and $5 million to those who provide information that could help the authorities apprehend the individuals who are conspiring. with Conti.
But who is this devilish ransomware group known as Conti? The first thing to know is that this determined group is one of the best known “of its generation”, dare we say. He has also recently been in the news for openly supporting the Russian government, when other cybercriminal groups have opted to stay neutral and focus on lucrative goals. In addition, it is said to have launched 500 attacks in the last year and has several small ransomware subgroups, which could loosely be called “affiliates”, that use its software.
Conti, which constitutes itself as a real company and demonstrates real economic thinking before its attacks (by scrutinizing its targets, their economic situation, their ability to respond), uses different methods to distribute its software. The group notably conducts spearfishing campaigns. It is a sender impersonation that allows social engineering to trick the recipient into following a malicious link or opening a malicious attachment contained in an email. He is also specialized in fake phone calls or fake software.
On the same subject :
Watch out, REvil ransomware is back
Source : ExpressVPN
5