The State Department announced on Thursday that it was offering a reward of up to $10 million for information leading to the identity and location of five individuals believed to be tied to the Conti ransomware group.
The agency accused the hackers, known by their online aliases as “Target,” “Reshaev,” “Professor,” “Tramp,” and “Dandis,” of participating in malicious cyber activities against U.S. critical infrastructure.
“Stripping anonymity from key players, offering bounties, seizing illicit funds, and making public declarations of intent are important actions that may help to increase the real and perceived risks of engaging in ransomware operations,” said Jeremy Kennelly, a senior manager of financial crime analysis at cybersecurity firm Mandiant, in a statement.
Conti, a Russia-based hacker group, has supported the Russian government following its invasion of Ukraine and has threatened critical infrastructure of countries it perceives as a threat to Russia, the State Department said.
The agency added that the group has conducted over 1,000 ransomware operations targeting U.S. and international critical infrastructure, including law enforcement agencies, emergency medical services and 911 dispatch centers.
The State Department has been issuing several of these rewards following the invasion of Ukraine. In May, it offered a similar reward with an additional $5 million for information leading to the arrest of any individual conspiring with the Conti ransomware group.
In April, the agency said it was offering a $10 million reward for information on a group of Russian hackers who were allegedly involved in malicious cyber activities.
According to the State Department, the hackers participated in a criminal conspiracy that took part in a destructive malware infection of computers worldwide in June 2017 using malware referred to as NotPetya.
“Continued action by the U.S. government and law enforcement agencies targeting key criminal organizations such as the Conti operators is critical to shifting the incentives that have allowed the ransomware ecosystem to thrive over the past few years,” Kennelly added.