The recent reports, claim that the Conti brand is in the process of shutting down and converting to a new organizational structure with various subgroups. The Conti operation has been an enormous success, assisting hackers in making billions of dollars by hacking into the networks of hundreds of major corporations. Following the brand’s association with the Russian government, the Conti ransomware operation has undergone massive organisational structure modifications in recent months.
The decline of the Conti brand seems to have begun in late February, following Russia’s invasion of Ukraine. Conti expressed its support for the Russian regime and threatened to attack its adversaries’ essential infrastructure shortly after the war began. Conti’s initial comment was edited and toned down, but it was too late. Supporting the Russian government sparked internal discussion and exposed massive quantities of internal data, including chats and source code. As per AdvIntel, the factor that finalized the destiny of the Conti brand was the group’s association with the Russian government as a result of professing allegiance to Russia.
It was found that because Russia’s war against Ukraine prompted severe penalties from the West, any payment made to cybercriminals might be interpreted as a contribution to Russia and thus an implicit breach of sanctions. Although Conti has become a toxic brand, the enterprise was too large and profitable to abandon. However, Conti leadership decided that rather than abruptly departing, REvil would try that method, which did not work well. However, they would slowly move to a new approach that would be implemented well before the Conti brand was discontinued.
