@inproceedings{12737a156b4e419f85746eda36b6d84d,
title = "Money over Morals: A Business Analysis of Conti Ransomware",
abstract = "Ransomware operations have evolved from relatively unsophisticated threat actors into highly coordinated cybercrime syndicates that regularly extort millions of dollars in a single attack. Despite dominating headlines and crippling businesses across the globe, there is relatively little in-depth research into the modern structure and economics of ransomware operations.In this paper, we leverage leaked chat messages to provide an in-depth empirical analysis of Conti, one of the largest ransomware groups. By analyzing these chat messages, we construct a picture of Conti's operations as a highly-profitable business, from profit structures to employee recruitment and roles. We present novel methodologies to trace ransom payments, identifying over $80 million in likely ransom payments to Conti and its predecessor - over five times as much as in previous public datasets. As part of our work, we will publish a dataset of 666 labeled Bitcoin addresses related to Conti and an additional 75 Bitcoin addresses of likely ransom payments. Future work can leverage this case study to more effectively trace - and ultimately counteract - ransomware activity.",
keywords = "Conti, Ransomware, cybercrime",
author = "Gray, {Ian W.} and Jack Cable and Benjamin Brown and Vlad Cuiujuclu and Damon McCoy",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 2022 APWG Symposium on Electronic Crime Research, eCrime 2022 ; Conference date: 30-11-2022 Through 02-12-2022",
year = "2022",
doi = "10.1109/eCrime57793.2022.10142119",
language = "English (US)",
series = "eCrime Researchers Summit, eCrime",
publisher = "IEEE Computer Society",
booktitle = "Proceedings of the 2022 APWG Symposium on Electronic Crime Research, eCrime 2022",
}