{"id":6912,"date":"2022-06-24T16:12:37","date_gmt":"2022-06-24T07:12:37","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=6912"},"modified":"2022-07-19T16:15:30","modified_gmt":"2022-07-19T07:15:30","slug":"conti-ransomware-finally-closes-the-book-on-their-operations","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/conti-ransomware-finally-closes-the-book-on-their-operations\/","title":{"rendered":"Conti ransomware finally closes the book on their operations"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6912\" class=\"elementor elementor-6912\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-fee265b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"fee265b\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-aabd816\" data-id=\"aabd816\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-046502a elementor-widget elementor-widget-text-editor\" data-id=\"046502a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Wednesday 20th of June 2022, the Conti ransomware gang finally closed the book on their operation after taking down the last two Tor servers which were used to leak data and negotiate with victims. It was first reported in May, that Conti had started to shut down their operations and had told its members that the operations were going to be decommissioned. However, Conti left one member to continue the appearance of the operation still running by continuing to leak data and taunt Costa Rica, to allow for the other members to quietly move to other ransomware gangs.<\/p><p>&#8220;The only goal Conti had wanted to meet with this final attack was to use the platform as a tool of publicity, performing their own death and subsequent rebirth in the most plausible way it could have been conceived,&#8221; \u2013 The May Report by Advanced Intel.<\/p><p>Even though the operation seems to be still active, no attacks were conducted by the gang and any data leaked by the remaining Conti member was from older attacks. Furthermore, the member looked to confuse researchers and law enforcement, by releasing the same victim&#8217;s data on their sites as well as Hive&#8217;s data leak site, where he is also known as an affiliate.<\/p><p>In terms of the other members of Conti, many of them have been seen joining other well-known gangs including Hive, AvosLocker, BlackCat, Hello Kitty, and Quantum. Although some members instead have launched their own data extortion operations such as Karakurt, BlackByte, and the Bazarcall collective. Therefore, it is highly recommended that organisations remain vigilant and practice good cybersecurity habits as the highly experienced Conti members are still actively targeting victims worldwide but just under other ransomware operations.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Wednesday 20th of June 2022, the Conti ransomware gang finally closed the book on their operation after taking down the last two Tor servers which were used to leak data and negotiate with victims. It was first reported in May, that Conti had started to shut down their operations and had told its members that the operations were going<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":6917,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,9,2,1],"tags":[],"class_list":["post-6912","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-ransomware_criminals","category-ce_news","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/07\/Picture1-4.jpg?fit=1379%2C919&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6912"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=6912"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6912\/revisions"}],"predecessor-version":[{"id":6920,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6912\/revisions\/6920"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/6917"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=6912"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=6912"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=6912"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}