There’s a sure poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A person has been accused of making an attempt to extort cash… from a infamous Russian ransomware gang.
Conti, one of many world’s most notorious cybercriminal operations, was allegedly the sufferer of an tried rip-off by somebody pretending to be an officer of Russia’s Federal Safety Service (FSB).
In keeping with a report by Russian information outlet RBC, a Moscow resident named Ruslan Satuchin allegedly contacted a member of the Conti cybercriminal group in September 2022, and claimed to have affect over legislation enforcement’s investigation into the gang.
Satuchin is alleged to have made a easy supply to Conti: pay up, or face felony penalties. The irony {that a} ransomware group with a historical past of extorting cash from hacked organisations was itself being extorted is definitely not misplaced on anyone.
Satuchin has denied any wrongdoing, and he’s reportedly being held in pre-trial detention in Moscow after police argued efficiently that he ought to stay in custody to keep away from the potential of witness intimidation.
If convicted, Satuchin faces as much as ten years in jail and a advantageous of as much as a million rubles (roughly US $13,000)
At its peak, Conti was knowledgeable cybercriminal enterprise, incomes eye-watering quantities of cash by blackmailing organisations together with governments, companies, and hospitals worldwide.
The Irish Well being Service Govt alone estimated restoration prices from a Conti assault in 2021 at over US $600 million after it was hit in 2021.
The inside workings of the Conti group had been revealed in 2022 when a pro-Ukraine researcher printed tens of 1000’s of the gang’s leaked chat logs, supply code, and infrastructure paperwork. That information strengthened long-standing suspicions that the Conti group intentionally prevented Russian targets, and aligned itself with the pursuits of the Kremlin.
Which makes the thought of somebody impersonating an FSB officer to shake them down all of the extra exceptional. You’d want extraordinary nerve — or extraordinary naivety — to attempt blackmailing a felony organisation that many believed loved safety from the Russian state.
After the leak, Conti largely collapsed – though people related to the broader community are thought to have moved to different ransomware operations together with Royal, Black Basta, and Akira.
In 2023, sanctions introduced by the USA and UK formally named key members linked to Conti.
Conti’s victims paid a heavy value for the gang’s actions. It’s, at the very least, mildly satisfying to be taught that even ransomware gangs often discover themselves on the receiving finish of another person’s scheme.
