Scamming the hacker and getting caught Russian authorities have arrested a Moscow resident for posing as an FSB intelligence officer to extort and demand payments from members of the Conti ransomware group. Ruslan Satuchin was detained in October of last year and has remained in custody after authorities extended his arrest warrant in December. According to Russian news outlet RBC, the suspect contacted a Conti member in September of 2022, claiming he could prevent the FSB from investigating them for a bribe. While the report doesn't mention how Satuchin identified the Conti members, his alleged extortion campaign began six months after an unnamed Ukrainian IT specialist hacked the group and released internal chats on the internet, shortly after Russia's invasion of Ukraine. Within weeks of the dump, several threat intel specialists linked some Conti members to their real world identities, with many members being based in Russia. RBC reported that Satuchin is pleading not guilty and had known of the investigation against him before his arrest, but refused to flee the country. A Moscow court denied his request for release on house arrest in December, with prosecutors claiming he might try to intimidate Conti members to withdraw their accusations. The Conti gang has been operational and launching attacks for more than a decade now. It initially launched under the name Ryuk, and later became Conti. After its 2022 leak, the group's members have been linked to a bunch of smaller ransomware operations, such as BlackSuit, Royal, and Chaos. Conti is believed to have hacked hundreds of organizations across the world and made an estimated $150 million from their ransomware attacks. Even if the US State Department has rewards for up to $10 million for information on Conti members for their past attacks, Russian media kept calling them "patriotic hackers" in all their reports this week, just because they never attacked Russian companies. Nice moral compass you got there, Russia! Satuchin faces up to ten years in prison if found guilty. [h/t Oleg Shakirov, A.C.] Riskybiz #cybernews #slingshotvpn https://blossom.primal.net/c1a60399dbbb8da657c5ffbd7b508a538905b36939b49ac002646546a7161bfe.jpg https://blossom.primal.net/c1a60399dbbb8da657c5ffbd7b508a538905b36939b49ac002646546a7161bfe.jpg