Following the brand’s association with the Russian government, the Conti ransomware operation has undergone substantial organisational structure modifications in recent months.
While the group appeared to be quite active, threat intelligence firm AdvIntel claims it is in the process of shutting down the Conti brand and converting to a new organizational structure with various subgroups. The downfall of the Conti brand appears to have begun in late February, following Russia’s invasion of Ukraine. Conti proclaimed its support for the Russian government shortly after the war began, and threatened to destroy its adversaries’ key infrastructure.
Conti’s initial comment was changed and softened, but it was too late. Supporting the Russian government sparked internal discussion and resulted in the exposure of massive quantities of internal data, including chats and source code.
Read More: https://www.securityweek.com/conti-ransomware-operation-shut-down-after-brand-becomes-toxic