The United States is offering a $15 million reward for information on the Conti ransomware gang

Conti is a Ransomware-as-a-Service operation linked to the Russian-speaking Wizard Spider cybercrime group. The cybercrime gang’s victims include Ireland’s Health Service Executive and its Department of Health, asking the former to pay a $20 million ransom.

The US Department of State is paying up to $15 million for information that leads to the identification and whereabouts of the infamous Conti ransomware gang’s leadership and co-conspirators.

Up to $10 million is available for information on the identity and location of Conti leaders, with an additional $5 million available for information leading to the arrest and/or conviction of people who collaborated or attempted to participate in Conti ransomware attacks. Conti has targeted over 1,000 victims, according to State Department spokesman Ned Price, who have paid over $150 million in ransoms till January 2022.

In May 2021, the FBI warned that Conti operatives had attempted to hack into over a dozen US healthcare and first response institutions. Conti’s training materials, including information on one of its operators, a handbook on deploying several malicious tools, and numerous help documents purportedly offered to the group’s affiliates, were released by a disgruntled associate in August 2021.

Conti is now managing different side companies to support its ransomware activities or pay for initial network access when needed, according to analysts from multiple cybersecurity firms. The Karakurt data extortion group, operating since at least June 2021 and recently linked to Conti as the cybercrime gang’s data extortion arm by researchers from Advanced Intelligence, Infinitum, Arctic Wolf, Northwave, and Chainalysis, is one such side operation.