The infamous Russian Conti ransomware group has threatened to overthrow the new Costa Rican government in the wake of their attack on the country’s administrative systems.
An announcement on the cybercriminal group’s official website says that the gang already managed to plant insiders in the government and is working on breaching other systems.
“We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power,” the gang said in a public announcement. “We have our insiders in your government. We are also working on gaining access to your other systems, you have no other options but to pay us.”
To add weight to its extortion attempt, Conti increased its demand to $20 million in exchange for the decryption key needed to unblock compromised systems. To add a sense of urgency, the gang posted another message on its website stating that it will delete the decryption keys in a week, possibly leaving afflicted administrations in a tough spot.
“I appeal to every resident of Costa Rica, go to your government and organize rallies so that they would pay us as soon as possible if your current government cannot stabilize the situation? Maybe it’s worth changing it,” a different message on Conti’s dark web portal reads.
The April 19 attack that compromised Costa Rica’s administrative systems prompted the country to enter a state of emergency. Before encrypting documents, the threat actors leaked several collections of data stolen from the impacted systems.
Reportedly, the disastrous attack was claimed by a Conti affiliate dubbed “UNC1756” that was impersonating the alias that a threat intelligence firm assigns to uncategorized threat groups.
Conti is one of the world’s most-wanted cybercriminal gangs, with the US State Department announcing rewards of up to $10 million for any helpful information that could lead to the identification of its key members.