There’s a sure poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A person has been accused of making an attempt to extort cash… from a infamous Russian ransomware gang.
Conti, one of many world’s most notorious cybercriminal operations, was allegedly the sufferer of an tried rip-off by somebody pretending to be an officer of Russia’s Federal Safety Service (FSB).
Based on a report by Russian information outlet RBC, a Moscow resident named Ruslan Satuchin allegedly contacted a member of the Conti cybercriminal group in September 2022, and claimed to have affect over legislation enforcement’s investigation into the gang.
Satuchin is alleged to have made a easy supply to Conti: pay up, or face legal penalties. The irony {that a} ransomware group with a historical past of extorting cash from hacked organisations was itself being extorted is unquestionably not misplaced on anyone.
Satuchin has denied any wrongdoing, and he’s reportedly being held in pre-trial detention in Moscow after police argued efficiently that he ought to stay in custody to keep away from the potential for witness intimidation.
If convicted, Satuchin faces as much as ten years in jail and a high-quality of as much as a million rubles (roughly US $13,000)
At its peak, Conti was knowledgeable cybercriminal enterprise, incomes eye-watering quantities of cash by blackmailing organisations together with governments, companies, and hospitals worldwide.
The Irish Well being Service Govt alone estimated restoration prices from a Conti assault in 2021 at over US $600 million after it was hit in 2021.
The internal workings of the Conti group have been revealed in 2022 when a pro-Ukraine researcher revealed tens of 1000’s of the gang’s leaked chat logs, supply code, and infrastructure paperwork. That knowledge bolstered long-standing suspicions that the Conti group intentionally averted Russian targets, and aligned itself with the pursuits of the Kremlin.
Which makes the concept of somebody impersonating an FSB officer to shake them down all of the extra outstanding. You’d want extraordinary nerve — or extraordinary naivety — to strive blackmailing a legal organisation that many believed loved safety from the Russian state.
After the leak, Conti largely collapsed – though people related to the broader community are thought to have moved to different ransomware operations together with Royal, Black Basta, and Akira.
In 2023, sanctions introduced by the US and UK formally named key members linked to Conti.
Conti’s victims paid a heavy value for the gang’s actions. It’s, at the very least, mildly satisfying to study that even ransomware gangs often discover themselves on the receiving finish of another person’s scheme.
