18 May 2022

Conti ransomware gang threatens to overthrow Costa Rican government


Conti ransomware gang threatens to overthrow Costa Rican government

Conti, a Russian-speaking ransomware gang that attacked the Costa Rican administrative systems last month, has upped its threat, saying its goal now is to “overthrow” the new government of the country. The Conti gang has also tried to increase the pressure by raising a ransom demand to $20 million.

“We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power,” the group said. “We have our insiders in your government. We are also working on gaining access to your other systems, you have no other options but to pay us.”

The attack on multiple Costa Rican government agencies, including the Finance Ministry, took place on April 19. Following the attack the newly elected Costa Rican president Rodrigo Chaves declared the state of national emergency.

Chaves said that impact of the attack was broader than previously known, with 27 government institutions, including municipalities and state-run utilities, affected, The Associated Press reported. The president blamed his predecessor Carlos Alvarado for not investing in cybersecurity and for not more aggressively dealing with the attacks in the waning days of his government.

“We are at war and that’s not an exaggeration,” Chaves said.

Earlier this month, the US State Department announced a reward of up to $10 million for information that would allow to identify or locate high-ranking members of the Conti ransomware gang.


Back to the list

Latest Posts

Researchers uncovered undetectable malware linked to Russia's APT

Researchers uncovered undetectable malware linked to Russia's APT

According to a recent report published by Palo Alto Networks, new piece of malware currently evades 56 antivirus products.  
6 July 2022
New ransomware operation RedAlert puts victims on a "board of shame"

New ransomware operation RedAlert puts victims on a "board of shame"

At this point, only one victim is listed on the RedAlert’s data leak website, indicating that the development is very new.
6 July 2022
Microsoft silently issued a fix for ‘ShadowCoerce’ NTLM Relay attack

Microsoft silently issued a fix for ‘ShadowCoerce’ NTLM Relay attack

Despite patching the flaw, Microsoft hasn’t provided any details about it and assigned a CVE ID yet.
6 July 2022