State Department offers $10 million reward for ransomware hackers

The State Department issued an award for hackers connected to the Russian-backed Conti ransomware group. Photo by Christopher Schirner/<a href="">Flickr</a>
The State Department issued an award for hackers connected to the Russian-backed Conti ransomware group. Photo by Christopher Schirner/Flickr

Aug. 12 (UPI) -- The State Department said Thursday it is offering a reward of up to $10 million for information leading to the unmasking and location of five individuals with connections to the notorious Conti ransomware group.

The department released the online aliases of the hackers that have pledged support to the Russian government. The department accuses the individuals of malicious cyberactivities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.


The online aliases included the names Target, Reshaev, Professor, Tramp and Dandis.

Conti, also known as Wizard Spider, is a Russian government-linked ransomware-as-a-service group that has targeted infrastructure in the United States and its Western allies.

RELATED Report: Unregulated RenBridge helps criminals launder $540M in crypto

"After Russian military forces invaded neighboring Ukraine in February 2022, Conti ransomware operators pledged support to the Russian government and threatened critical infrastructure organizations of countries perceived to carry out cyberattacks or war against the Russian government," the State Department said.

Federal officials said Conti was first detected in 2019 and has been identified in more than 1,000 ransomware operations affecting digital infrastructures in the United States and overseas, including law enforcement agencies, along with emergency medical services and dispatch centers.


"These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the United States," the State Department said.

RELATED North Korean hackers targeting hospitals and healthcare providers, U.S. agencies warn

"Conti operators typically steal victims' files and encrypt the servers and workstations in an effort to force a ransom payment from the victim. The ransom letter instructs victims to contact the actors through an online portal to complete the transaction."

While the ransom demanded to get control of the files back varied wildly, they have asked for as much as $25 million.

Last month, U.S. law enforcement recovered roughly half a million dollars in ransomware payments made to North Korean hackers by victims including a medical center in Kansas and a healthcare provider in Colorado.

Latest Headlines


Follow Us