Conti ransomware group attacks Peruvian government computer systems; confidential information leaked

Hackers from the Conti ransomware group claim to have attacked members of the General Intelligence Directorate of Peru’s Ministry of the Interior (DIGIMIN), leading to the leak of confidential details about the activities of some top government officials.

Information security specialists identify Conti as one of the most dangerous ransomware operations in the world, linking this group to some high-profile cyberattacks. Like other ransomware operations, Conti is suspected of working from Russia, where it has access to all sorts of resources and operates under the protection of the Kremlin. Recently, the group claimed responsibility for the attack on various Costa Rican government organizations.

Screenshots obtained from the hackers’ official dark web platform show evidence of the compromised information, allegedly obtained after attacking 2 DIGIMIN email servers. In one of the leaked documents, it can be seen that the intelligence agency was investigating some recent events such as alleged terrorist acts.

As Peruvian authorities investigate the incident, Conti continues to issue threats to force the payment of a ransom: “They will suffer very seriously if these documents are made public. We work exclusively for money. We do not pursue other ends,” say the cybercriminals.

In addition, the hackers mention that, in this case, the same thing can happen as in Costa Rica, where Conti publicly disclosed information from five public entities after the government refused to pay a $10 million ransom.

Finally, a report by the security firm ESET assures that the leaked information is legitimate, confirming that the attack is real and remains active: “The conti extortion group added on its dark website the name of a government entity in Peru as one of its most recent victims.” Experts add that there is a leaked folder full of PDF documents classified as secret, so the incident could have serious national security repercussions for Peru.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.