Prolific ransomware gang Conti retires their brand

Conti has been one of the most active ransomware gangs of late. After recent attention, the group announced that they will abandon the brand. Their infrastructure has not been updated since, and some of their leak sites are offline. Of course, this does not mean that they will fully disappear.

As recently as April 2022, the Conti group published information about 46 victims on their leak site. In total, they've published information about 859 compromised victims, but the real number of compromises is probably higher, as some have paid the demanded ransom and were not listed as a result.

Group-IB analyzed their modus operandi and saw that the group compromised over 40 organizations in a little over a month. They called this attack wave ARMattack. Averaging more than one successful attack each day, it shows the size of the operation, which is conducted by many affiliates using Conti's ransomware tools.

The Active Protection included in Acronis Cyber Protect Cloud detects and blocks ransomware based on the malicious behaviors it exhibits, keeping your data safe from encryption or extortion even when encountering a new or rebranded threat for the first time.