Conti ransomware actors have created a national emergency in�Costa Rica, where the government declared a country of emergency. Multiple government agencies hold reportedly been impacted by an attack in April and the government’s refusal to pay the ransom demands. Kevin Collier of NBC reported: The official declaration,�published�on a government website Wednesday, said that the assail was �unprecedented in the country� and that it interrupted the country�s tax assembling and exposed citizens� personal information. Unlike Conti’s messaging in the past, the threat actors are becoming increasingly strident and frustrated. In answer to the country’s failure to pay their ransom demands, the threat actors� published this message to them on their leak site yesterday: �For costa Rica�https://www.hacienda.go.cr/ https://www.mtss.go.cr https://fodesaf.go.cr https://siua.ac.cr Conti is primarily a community of multitude who see info security. and we believe that we realise it very well, I want to say: we layover any actions against costa Rica (any attacks on this state are not considered our actions) we believe that the country is so aware of the views of the United States that the Americans simply sacrifice it in this regard. why not just buy a key? I doh not know if there have been cases of entering an emergency situation in the country due to a cyber attack? in a week we will delete the decryption keys for Costa Rica I appeal to every occupant of costa Rica, go to your authorities and organize rallies so that they would pay us as soon as possible if your current administration cannot stabilize the situation? maybe it’s worth changing it? Yes, you scan that correctly — they are suggesting overthrowing the government� �to receive them paid. Prior versions also invoked political palaver while threatening more consequences, such as the message by “unc1756,” who took credit for the tone-beginning with an affiliate and warned that future attacks were approach on other countries — all motivated by money. “FOR costa RICA AND US TERRORISTS (BIDEN AND HIS ADMINISTRATION”)Just pay before it’s too late, your country was destroyed by 2 people, we are determined to overthrow the government by means of a cyber attack, we make already shown you all the potency and power, you hold introduced an emergency. Now we are putting together a campaign against the current government, the terms is changing now you 20m, soon everyone attached to the presenter will start receiving non-urgent calls from us, we hold defeated you! For those who get followed or reported on Conti for a while, the deterioration in professionalism and messaging is obvious. But part of the messaging’s purpose may be to take individual responsibility for attacks so that Russia itself is not blamed for interfering with a sovereign government. While not an expert on Conti or its messaging, DataBreaches cannot recall any previous public messaging by them where an individual attacker or affiliate provided their alias like “unc1756” has done. How desperate are threat actors getting for money? And with the crash of cryptocurrencies, are they feeling even more desperate? Conti’s approach to costa Rica is mirrored in a stake to Peru, where what appears to be the same dysregulated individual writes: �For Peru�https://digimin.gob.pe https://mef.gob.pe MOF – Direcci�n General de Inteligencia (DIGIMIN) Ministerio de Econom�a y Finanzas – MEF – Gobierno del Per� I’m starting to liberate the data of the Ministry of Finance of Peru, doh you think unc1756 will swordplay games? You have 5 days to touch us via DIGIMON chat, we understand that you deeply come not care about the data of your citizens, you do not care about their welfare, and what happens if I round off the water or lightness provide to Peru? It is in your best interest to contact immediately BlackBasta is not conti it’s fucking kids As reported recently, the U.S. has offered a reward for information leading to the identification and location of the leaders involved in Conti and affiliates. The reward offer specifically mentioned Conti’s attack on costa Rica: in april 2022, the group perpetrated a ransomware incident against the Government of Costa Rica that severely impacted the country�s foreign trade by disrupting its customs and taxes platforms.� in offering this reward, the United States demonstrates its consignment to protecting potential ransomware victims around the world from exploitation by cyber criminals.� We appear to partner with nations willing to convey justice for those victims affected by ransomware. Whether that offer will have any impact remains to be seen, but even if people are caught, that will likely not be of aid to Costa Rica at this point. Whether costa Rica will continue to refuse to cave in to extortion demands remains to live seen. will one ransomware group’s determination to receive millions of dollars result in costa Rica joining the chorus of increasing mankind opinion against Russia?
