US Notify Department announces $10 million bounty after Costa Rica ransomware attack
In the wake of a enormous ransomware attack on the Costa Rican government in April, the US government issued a witness final week declaring a bounty doubtlessly worth millions of bucks on of us enthusiastic with the Conti ransomware light within the hack. Rodrigo Chaves Robles, Costa Rica’s recently sworn-in president, declared a nationwide emergency because of the attack, in accordance with CyberScoop.
Per BleepingComputer, the ransomware attack affected Costa Rica’s ministries of finance and Labor and Social Security, as successfully as the nation’s Social Model and Household Allowances Fund, amongst diversified entities. The record also says that the attack affected some products and companies from the nation’s treasury beginning on April 18th. Hackers now not handiest took down one of the crucial necessary federal government’s systems, nonetheless they’re also leaking facts, in accordance with CyberScoop, which notes that in relation to 700GB of facts has made its intention onto Conti’s region.
:no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/23449479/Screen_Shot_2022_05_09_at_15.49.56.png)
The US Notify Department says the attack “severely impacted the nation’s foreign alternate by disrupting its customs and taxes platforms” and offers “up to $10 million for facts main to the identification and/or keep” of the organizers within the back of Conti. The US government will be offering $5 million for facts “main to the arrest and/or conviction of any individual in any nation conspiring to catch half in or attempting to catch half” in a Conti-basically basically based ransomware attack.
Last year, the US offered same bounties on REvil and DarkSide (the group within the back of the Colonial Pipeline attack). REvil is basically realistic defunct after the US reportedly hacked the group’s servers and the Russian government claimed to like arrested a few contributors.
The Costa Rican government isn’t the ideal entity to tumble victim to Conti’s ransomware. As Krebs On Security notes, the group is terribly immoral for targeting healthcare facilities similar to hospitals and analysis facilities.
The crowd will be identified for having its chat logs leaked after it declared that it fully supported Russia’s government rapidly after the invasion of Ukraine started. Per CNBC, those logs showed that the group within the back of the ransomware itself turned into having organizational points — of us weren’t getting paid, and there were arrests occurring. Nonetheless, appreciate many ransomware operators, the actual tool turned into also light by “associates,” or diversified entities who light it to assemble their very contain assaults.
In Costa Rica’s case, the attacker claims to be one amongst these associates and says that they aren’t piece of a more in-depth group or government, in accordance with a message posted by CyberScoop. They like, then again, threatened to assemble “more severe” assaults, calling Costa Rica a “demo model.”
