US offers $15 million in rewards for information on Russia-based Conti ransomware group

The United States is offering rewards totaling as much as $15 million for information on the Russia-based Conti ransomware group, State Department spokesman Ned Price said in a statement on Friday.

The rewards include $10 million for “identification and/or location” of key leaders of the group, and $5 million for information leading to the arrest of anyone participating in a “Conti variant ransomware incident.”

Price said: "In offering this reward, the United States demonstrates its commitment to protecting potential ransomware victims around the world from exploitation by cyber criminals." The reward is offered under the Department of State’s Transnational Organized Crime Rewards Program.

The FBI estimates more than 1,000 victims have made in excess of $150 million in ransomware payments to the Conti group, making its ransomware variant the costliest ever documented. 

Last month, CNBC reported that the Conti group had been damaged by leaks detailing its size, leadership and business operations, as well as the source code of its ransomware. The leaks appeared to be an act of revenge prompted by Conti’s support of the Russian invasion of Ukraine.

Also in April, Bleeping Computer reported that a new malware loader called Bumblebee was probably the latest development of the Conti group, replacing the BazarLoader backdoor used to deliver ransomware payloads.

The emergence of Bumblebee in phishing campaigns coincided with a drop in using BazarLoader for delivering file-encrypting malware, according to researchers.