Blockchain analytics firm TRM Labs has raised an alarm over the reemergence of the notorious Conti ransomware group.
TRM Labs says Conti has rebranded under new names.
Conti used to be a notorious ransomware gang that extorted hundreds of bitcoins from U.S. corporations, including healthcare organizations during the COVID-19 pandemic.
According to TRM, Conti “rebranded into at least three smaller groups: Black Basta, BlackByte, and Karakurt.”
According to TRM Labs, Conti has pledged its allegiance to Russia in the recently started war in Ukraine.
TRM says the main successor of Conti is most likely the ransomware group known as Karakurt.
According to the cybersecurity firm Avertium, Karakurt usually attacks organizations that have already been compromised before.
According to TRM Labs, Karakurt has been active since at least October 2021.