The Conti Boys
By Dominic Alvieri
1/14/2024
Ransomware groups have come and gone but few have continued to resonate across the criminal ransomware spectrum as the former members of Conti Ransomware. We all know the pipeline hacking name so let's cut to the chase.
Where are members of Conti? Start with the list below.
The list below does not include leaked source code offshoots like Monti or any others. All of the following groups can be attributed to former Conti.
In alphabetical order:
Akira Ransomware, Black Basta, Black Byte, Black Suit (Royal Ransomware), Karakurt Team, Three AM
Royal on The Run
Royal Ransomware was arguably on the run after their attack on the City of Dallas, Texas and has rebranded as Black Suit. Royal Black Suit of you like. Black Suit is active again.
100 Days Without Fam
By all accounts Karakurt has been inactive for over 100 days now. No posts. No attacks. No nothing.
So what happened? No speculations please.
Karakurt Team in high level discussions. |
Black Byte Bitten
The Black Byte leak site was only active for a few hours over the past 2 months only producing a black and white logo change. That's it. I don't expect Black Byte to rebrand. Time will tell as it always does.
Akira Ransomware
Akira Akira. Not my favorite. Why don't we call him angry Conti. Angry Conti has set up his own thing including a cool retro site. Just a reminder that this cool retro site is trying to peg your system and steal your credentials as you browse their leak site. Phish your visitors. Great evil business model.
Black Basta
If there was ever a racist Conti this is it. More hateful. Targeted. The question is whether for Black Basta to retool or rebrand after the "Basta Busta" released. LockBit proved that you can continue without rebranding. Black Cat ransomware is also challenging what you would think to be the norm.
Black Basta was named by one of the most racist white guys ever.
There are arguments to be made to include a few other names and strains. I fell like I missed a name or two.
Don't mount a locker or hack illegally.
Dominic Alvieri X- @AlvieriD
The Cyber Show