{"id":46765,"date":"2022-05-21T11:01:09","date_gmt":"2022-05-21T11:01:09","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/"},"modified":"2022-05-21T11:01:09","modified_gmt":"2022-05-21T11:01:09","slug":"conti-russian-backed-rulers-of-costa-rican-hacktocracy","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/","title":{"rendered":"Conti: Russian-backed rulers of Costa Rican hacktocracy?"},"content":{"rendered":"<p><span class=\"label\">In brief<\/span> The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn&#8217;t pay a $20 million ransom.&nbsp;<\/p>\n<p>Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government&#8217;s computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a <a href=\"https:\/\/www.theregister.com\/2022\/05\/09\/us-reward-conti-ransomware\/\">$15 million<\/a> reward leading to the capture of Conti&#8217;s leaders, who it said have made more than $150 million from 1,000+ victims.<\/p>\n<p>Conti claimed this week that it has insiders in the Costa Rican government, the AP <a href=\"https:\/\/apnews.com\/article\/technology-government-and-politics-caribbean-gangs-381efc2320abb5356dee7f356e55e608\">reported<\/a>, warning that &#8220;We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency.&#8221;&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Experts who spoke to the AP said they doubt actual regime change is likely, or the goal; Emsisoft analyst Brett Callow told the newswire that the threats are simply noise, and not to be taken seriously.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Callow may be right: News unfolding late this week suggests that <a href=\"https:\/\/twitter.com\/y_advintel\/status\/1527360416724094989\" rel=\"nofollow\">Conti has gone offline<\/a>, and may be breaking into several subsidiary groups. Its political ambitions in Costa Rica may just be a distraction, albeit one that could also turn a tidy profit.&nbsp;<\/p>\n<h3 class=\"crosshead\"> <span>NSA: Trust us, no post-quantum encryption backdoors<\/span><br \/>\n<\/h3>\n<p>The NSA wants to ease everyone&#8217;s concerns now: Even though it&#8217;s been involved in the US government&#8217;s post-quantum encryption research, the spy agency won&#8217;t have a backdoor.<\/p>\n<p>Speaking to Bloomberg while discussing the National Institute for Standards and Technology&#8217;s post-quantum encryption competition, NSA Director of Cybersecurity (and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2018\/01\/22\/rob_joyce_hacking\/\" rel=\"noopener\">Christmas-tree hacker<\/a>) Rob&nbsp;Joyce <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2022-05-13\/nsa-says-no-backdoor-in-new-encryption-scheme-for-us-tech?sref=P6Q0mxvj\" rel=\"nofollow\">said<\/a> the new standards being developed are so strong that &#8220;there are no backdoors.&#8221;&nbsp;<\/p>\n<p>That would be a departure from previous encryption standards, which the NSA is believed to have had <a href=\"https:\/\/www.theregister.com\/2020\/10\/28\/nsa_backdoor_wyden\/\">ready access<\/a> to \u2013 until foreign spies acquired a copy of the backdoor software for their own use. The Biden administration <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/05\/05\/us_quantum_initiatives\/\" rel=\"noopener\">recently announced<\/a> additional funding for post-quantum encryption research, which aims to develop a form of protecting sensitive data so secure that even a quantum computer couldn&#8217;t crack it.&nbsp;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The US has been actively working to develop encryption standards able to stand up to quantum computers for some time; Joyce claimed to Bloomberg that the NSA has had its own post-quantum encryption algorithms for several years, but those aren&#8217;t part of the NIST competition or available to the public.&nbsp;<\/p>\n<p>Despite spending tens of millions to address the security problems posed by quantum computers, the NSA also readily admits that <a href=\"https:\/\/www.theregister.com\/2021\/09\/01\/nsa_quantum_computing_faq\/\">it has no idea<\/a> when, or even if, quantum computers able to crack modern public key cryptography will be realized.&nbsp;<\/p>\n<h3 class=\"crosshead\"> <span>Frustrated IT admin gets seven years for deleting company databases<\/span><br \/>\n<\/h3>\n<p>A former database administrator from China who wiped out his employer&#8217;s financial records has been sentenced to seven years in prison as a result.<\/p>\n<p>Han Bing, who managed databases for Chinese real estate brokerage Lianjia, allegedly used his administrator access and root privileges to log in to two of Lianjia&#8217;s database servers, and two application servers, where he wiped financial data and related applications that took the company&#8217;s entire finance system offline, <a href=\"https:\/\/www.4hou.com\/posts\/Yq49\" rel=\"nofollow\">said<\/a> Chinese news sources.&nbsp;<\/p>\n<p>Bing was reportedly disgruntled with his employer. He repeatedly warned them of security flaws in Lianjia&#8217;s finance system but felt ignored and undervalued, Lianjia&#8217;s ethics chief testified in court. Bing&#8217;s actions directly cost the company around $27,000 to recover data and rebuilt systems, but that doesn&#8217;t include the impact of lost business.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Bing was caught when Lianjia questioned everyone with access to the financial systems who had permissions to do what Bing did, of whom there were only five. The company claims that Bing acted suspiciously when asked to present his laptop for inspection, refusing to provide his password and claiming privacy privileges.&nbsp;<\/p>\n<p>The company said it suspected none of the laptops would show traces of the attack, but wanted to see how those it questioned would react. Investigators were later able to recover logs that pointed to Bing&#8217;s laptop&#8217;s IP and MAC addresses, and crosschecking logs against security footage put Bing in the right place at the right time to be the guilty party.<\/p>\n<h3 class=\"crosshead\"> <span>Apple patches a whopping 98 separate vulnerabilities<\/span><br \/>\n<\/h3>\n<p>Apple has had a busy week: In a series of security updates released Monday and Wednesday, the iMaker patched 98 separate vulnerabilities out of its various software platforms.<\/p>\n<p>The updates in question cover most every bit of software Apple makes: <a href=\"https:\/\/support.apple.com\/kb\/HT213253\" rel=\"nofollow\">WatchOS<\/a>, <a href=\"https:\/\/support.apple.com\/kb\/HT213258\" rel=\"nofollow\">iOS and iPad OS<\/a>, macOS <a href=\"https:\/\/support.apple.com\/kb\/HT213257\" rel=\"nofollow\">Monterey<\/a>, <a href=\"https:\/\/support.apple.com\/kb\/HT213256\" rel=\"nofollow\">Big Sur<\/a> and <a href=\"https:\/\/support.apple.com\/kb\/HT213255\" rel=\"nofollow\">Catalina<\/a>, <a href=\"https:\/\/support.apple.com\/kb\/HT213261\" rel=\"nofollow\">Xcode<\/a>, <a href=\"https:\/\/support.apple.com\/kb\/HT213254\" rel=\"nofollow\">tvOS<\/a>, <a href=\"https:\/\/support.apple.com\/kb\/HT213260\" rel=\"nofollow\">Safari<\/a> and <a href=\"https:\/\/support.apple.com\/kb\/HT213259\" rel=\"nofollow\">iTunes<\/a> for Windows were all included. Most of the vulnerabilities are from the past few months, but one common vulnerability and exposure (CVE) number covered by the updates dates back to <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-4142\" rel=\"nofollow\">2015<\/a>.<\/p>\n<p>A few of the vulnerabilities covered by this week&#8217;s glut of Apple patches were rolled out previously for one system, but not others, as was the case with CVE-2022-22674 and -22675, which were patched in macOS Monterey, but not older versions, in <a href=\"https:\/\/www.theregister.com\/2022\/04\/06\/apple_patched_zerodays_in_macos\/\">April<\/a>. Those vulnerabilities were reportedly being actively exploited at the time.&nbsp;<\/p>\n<p>Malicious applications executing arbitrary code with kernel privileges appears to be the most common type of hole being closed in this round of patches, though some do stand out, like Apple Watch bugs that could let apps capture the screen and bypass signature validation.<\/p>\n<p>On iOS, vulnerabilities patched include websites being able to track users in Safari private browsing mode, while macOS users are being protected against apps being able to bypass Privacy preferences and access restricted portions of the filesystem.<\/p>\n<h3 class=\"crosshead\"> <span>Russian-backing Chaos ransomware variant is pure destruction<\/span><br \/>\n<\/h3>\n<p>Cybersecurity firm Fortinet has discovered a variant of the Chaos ransomware that professes support for Russia&#8217;s invasion of Ukraine, but appears to have no decryption key to rescue victims in Putin&#8217;s regime.&nbsp;<\/p>\n<p>The variant appears to have been compiled with Chaos&#8217; GUI customization tool as recently as May 16, Fortinet <a href=\"https:\/\/www.fortinet.com\/blog\/threat-research\/chaos-ransomware-variant-sides-with-russia\" rel=\"nofollow\">said<\/a>. The researchers said they&#8217;re unsure how the Chaos variant infects its victims, and said the variant doesn&#8217;t act any differently than typical Chaos ransomware.&nbsp;<\/p>\n<p>Like other forms of Chaos, it enumerates files on infected systems, and irrevocably damages any larger than around 2MB by filling it with random bytes. Anything smaller is encrypted, but recoverable with a key. Chaos also typically attacks commonly used directories like Desktop, Contacts, Downloads and Pictures, which are encrypted entirely.&nbsp;<\/p>\n<p>Here&#8217;s where this Chaos variant differs: It&#8217;s overtly political, and instead of offering contact info and a ransom demand, the malware simply says &#8220;Stop Ukraine War! F**k Zelensky! Dont [sic] go die for f**king clown,&#8221; along with a pair of links to sites claiming to belong to the Information Coordination Center, but offering no information otherwise. Files are also encrypted with a &#8220;f**kazov&#8221; extension, likely referring to the Ukrainian Azov Battalion.<\/p>\n<p>Fortinet said that this Chaos variant appears unique in the sense it appears designed to be file-destroying malware. &#8220;This particular variant provides no such avenue as the attacker has no intent on providing a decryption tool \u2026 clearly, the motive behind this malware is destruction,&#8221; Fortinet said.&nbsp;<\/p>\n<p>The FortiGuard team behind the research warns that with its GUI, Chaos ransomware has become a commodity product, and it expects additional attacks of this variety to emerge. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/05\/21\/in_brief_security\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors In brief\u00a0 The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn&#8217;t pay a $20 million ransom.\u00a0\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-46765","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-21T11:01:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Conti: Russian-backed rulers of Costa Rican hacktocracy?\",\"datePublished\":\"2022-05-21T11:01:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/\"},\"wordCount\":1248,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/\",\"name\":\"Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-05-21T11:01:09+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Conti: Russian-backed rulers of Costa Rican hacktocracy?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/","og_locale":"en_US","og_type":"article","og_title":"Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-05-21T11:01:09+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Conti: Russian-backed rulers of Costa Rican hacktocracy?","datePublished":"2022-05-21T11:01:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/"},"wordCount":1248,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/","url":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/","name":"Conti: Russian-backed rulers of Costa Rican hacktocracy? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-05-21T11:01:09+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YokyorVUlv7vMXiHEepATAAAAIs&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/conti-russian-backed-rulers-of-costa-rican-hacktocracy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Conti: Russian-backed rulers of Costa Rican hacktocracy?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46765","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=46765"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/46765\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=46765"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=46765"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=46765"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}