Ransomware Gang Hacks Costa Rica, Asks Residents to Overthrow the Government

The Conti group is encouraging Costa Ricans to protest and overturn their government after a damaging ransomware attack.
Image:  Esteban Dato/Xinhua via Getty Images

The notorious hacking gang Conti hacked the Costa Rican government and is encouraging citizens to protest their government's nonpayment of a ransom, and says they should overthrow the government if it doesn't pay up. 

Last week, Costa Rica’s president, Rodrigo Chaves declared a state of emergency after the hack. The ransomware attack, according to the country’s government, affected the Ministry of Finance and that there are ongoing attacks, according to the official state of emergency declaration


This weekend, the Conti gang posted a new message on its official website, taunting Costa Rica and encouraging protests. 

“Conti is primarily a community of people who understand information security. And we believe that we understand it very well,” the hackers wrote, asking the Costa Rica government to pay the ransom so that their problems will go away. “Why not just buy a [decryption] key?”

Screen Shot 2022-05-16 at 2.11.16 PM.png

A screenshot of the message posted by the Conti ransomware about its attack on the Costa Rican government (Image: Motherboard)

The hackers also added that they will “delete the decryption keys,” a threat that essentially means it won’t be possible for Costa Rica to unlock the files encrypted by the ransomware. 

“I appeal to every resident of Costa Rica, go to your government and organize rallies so that they would pay us as soon as possible if your current government cannot stabilize the situation? maybe it's worth changing it?” the message concluded.

Conti has a knack for making international headlines and messing with governments. Last year, the hackers apologized to Arab royal families after it published thousands of stolen files from a UK jewelry store, which counts some Middle Eastern royals among its customers. Earlier this year, the group declared publicly that it was supporting the Russian government after its invasion of Ukraine. The group said that it would retaliate against anyone targeting Russia.

“We are going to use all our possible resources to strike back at the critical infrastructures,” the group wrote at the time. 

Conti itself was targeted earlier this year, when someone leaked a treasure trove of internal chat messages showing the inner workings of the gang. Weeks after the leak, the person behind the leak told CNN that he was a Ukrainian IT specialist who did it to contribute to his country’s struggle against Russia. 

“I cannot shoot anything, but I can fight with a keyboard and mouse,” Danylo told CNN.

Subscribe to our podcast, CYBER. Subscribe to our new Twitch channel.