Earlier this year, on February 22, the Conti gang drew wide attention after a Twitter account called “Conti Leaks” published information about it. Thanks to the published information, the cyber security community was able to analyze the gang’s activities and its complicated cases.
From it we learned that the group’s goal was to focus its efforts on cryptocurrency and move into blockchain, developing a variety of solutions for this. It also became known that the staff within the company was being dissolved and that its brand is disappearing, but the organization remains steadfast. These changes do not affect the activities of the extortion gang; on the contrary, they continue, so to speak, in the same spirit.
The cryptocurrency and blockchain plans came to light through leaked chats in which they were discussed. These conversations took place between the group’s main figures, namely Stern (Chairman or President) and Mango (Chief Operating Officer, who is in charge of internal affairs at Conti).
Four scenarios
The fact that the gang has started actively using blockchain does not mean that Conti has developed something of its own to use it. Judging by management’s expectations, the investment is going into the development of its own blockchain applications. While the chats contain no development details, their content provides insight into the range of possible applications. It is also possible that the gang will launch its own cryptocurrency, and maybe even use the blockchain for internal communications and smart contracts, among other things.
From the leaked chats, we were able to identify four scenarios for blockchain applications: extortion, corporate espionage, cryptocurrency market manipulation, and building an internal communications network.
Focus on corporate espionage
Having its own blockchain is a good option for Conti. With it, the gang would find it much more convenient to store stolen data, since that data would become almost untouchable, which makes it harder for competitors or investigators to remove it from a server. Having a place to store stolen data is a good opportunity for the organization, because Conti could then focus more on its criminal operations.
Blockchain is a good place to store stolen data, as well as a place to hold private auctions of stolen data. Sales and buyers will come naturally, because everything will pass through private channels, away from the eyes of the community. Not working in public is the way these extortion gangs operate. But Conti doesn’t want to be a big platform either, because the bigger the activity, the more attention it attracts.
Subscriptions and discounts
The blockchain applications are expected to focus more on developing Conti’s racketeering business. In the future, stolen data may be broken down into microtransactions, with victims offered incremental payments to redeem the data in parts. A system of smart contracts and automatic transactions is also being developed. It amounts to a kind of reliable subscription for data return.
The ransom for blackmail material and confidential data will be significantly higher than for other, less important pieces of information. Conti may also in the future offer discounts and promotions for paying on a certain day or holiday. That way, they will have some sort of plausible influence on the victim and the victim’s decision to pay.
A cryptocurrency of their own
Creating a cryptocurrency is another strategic business move by Conti. It will be sold through a fictitious scheme. Proprietary coins can be used for money laundering, manipulation, and sale.
Running a cryptocurrency now is a good choice because interest in it is currently very high. The income from it now exceeds that of any savings or investment. It is also an attractive option for those who do not much trust their government.
Communication under the radar
An internal communication system was bound to interest Conti enough to include it in its list of developments. The leaked information shows that internal communication is not, so to speak, exactly smooth. Confusion within the gang is also a problem, with a negative psychological impact. A social network based on the blockchain would allow a clearer, safer and simpler exchange of information. An established communication system may make Conti more efficient and less visible to investigative agencies.
New approach needed
There has been no active phase of Conti activity since the last leaks. The main thing to understand is that a technical approach to unmasking Conti’s activities is no longer enough. Well, I guess the operative scheme of the investigation will be financial investigations, because the blockchain is getting more and more turnover. It is possible but difficult to track crypto cash flows. For cyberspace, focusing on destruction is something new, because it was previously only for national security forces.
But still, attacks and destruction are a good way to deal with Conti. So a different kind of thinking is used for detection. The only question is whether this is legally and morally correct. Of course, the easiest way would be to regulate the crypto market, but this goal is not as realistic as one would like.
The biggest concern in this picture is that if Conti succeeds with blockchains, a multitude of other extortion gangs will follow its example, and that is where the most interesting question begins: how to deal with them, and what the methods of this fight are.