US unmasks Conti suspect for first time, asks public help to identify him

Updated on: 12 August 2022

Jurgita Lapienytė
Chief Editor

Empty courtroom with chair of judge and flags — Image by Shutterstock

If you have any information about the malicious hackers known as Target, Reshaev, Professor, Tramp, and Dandis, come forward.

The US has revealed the face of a Conti associate for the first time and is asking for help identifying him.

The US Department of State is offering a reward of up to $10 million for information that could lead law enforcement to the identification of cybercriminals that have relentlessly targeted critical infrastructure and violated the Computer Fraud and Abuse Act (CFAA).

Threat actors mentioned above are believed to be linked to the Conti ransomware group that has targeted US and Western critical infrastructure. In March, Conti announced its allegiance with Vladimir Putin and threatened critical infrastructure organizations of countries perceived to carry out cyberattacks or war against the Russian government.

Since 2019, Conti ransomware has been used to conduct more than 1,000 ransomware operations.

Experts believe that Conti attacks resemble tactics seen in nation-state attacks. The groups also rely on human-operated attacks instead of increasingly popular automated intrusions. Conti attempts to find a buyer for the data before posting on site.

Ireland's HSE, Volkswagen Group, several US cities, counties, and school districts were affected by Conti. Conti has been observed to be in the networks for anywhere between a few days to even weeks before actually launching ransomware.

The group is believed to be based in the second largest Russian city of Saint Petersburg.

As with many modern extortion gangs, Conti offers Ransomware-as-a-Service (RaaS) package, offering its malware to affiliates. The core team takes 20-30% of a ransom payment, while the affiliates keep the rest of the loot.

The State Department said Conti's ransom demands vary widely, with some being as high as $25 million.

Anyone with information on the malicious cyber activity of the cyber threat actors known as Target, Reshaev, Professor, Tramp, and Dandis is encouraged to contact Rewards for Justice via the Tor-based tips-reporting channel.