Conti Ransomware Shuts Down and Rebrands Itself

The infamous ransomware gang known as the Conti group has effectively brought an end to their operation by taking their infrastructure down and informing their team leaders that the brand no longer exists.

What Happened?

Yelisey Boguslavskiy of Advanced Intel tweeted this afternoon that the gang’s internal infrastructure had been shut down, which is where we learned this piece of information.

[FLASH] #Conti Officially DisCONTInued

Today the official website of Conti #Ransomware was shut down, marking the end of this notorious crime group; it is truly a historic day in the #intelligence community!

Look forward to today’s @AdvIntel with extended analysis!@VK_Intel pic.twitter.com/gMSXhlHVSb

— Yelisey Boguslavskiy (@y_advintel) May 19, 2022

According to BleepingComputer the Tor admin panels that members used to undertake negotiations and post “news” on their data leak site are now down. This is despite the fact that the public-facing ‘Conti News’ data leak and the ransom negotiation website are still accessible.

It is possible that Conti created a facade of a live operation while its members slowly migrated to other, smaller ransomware operations.

According to AdvIntel, Conti just intended to exploit the platform as a marketing tool, simulating their own death and subsequent rebirth in the most

Read More: https://heimdalsecurity.com/blog/conti-ransomware-shuts-down-and-rebrands-itself/