In May 2022, the ransomware group Conti announced its self-dissolution under pressure from both the authorities—who were fighting against one of the world’s largest RaaS distributors—and cyberactivists such as Anonymous—who did not forgive the group for its allegiance to the Kremlin after the invasion of Ukraine.
Conti’s servers had already been disconnected, and only the group’s showcase site remained active, listing its victims who refused to pay (more than 800 in total), as well as data made public. But in late June 2022, several cybersecurity researchers announced that Conti’s Tor site had stopped working.
This is officially the end of the all-too-familiar Conti brand, but not of the cybercriminal activities of its members. According to AdvIntel, in a deliberate spin-off, Conti has invited its members to join other nearby cybercriminal organisations, maintaining links between the organisation’s members.