Notorious ransomware gang allegedly blackmailed by fake FSB officer

INDUSTRY NEWS 2 min read Notorious ransomware gang allegedly blackmailed by fake FSB officer Graham CLULEY February 26, 2026 Promo Protect all your devices, without slowing them down. Free 30-day trial There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money... from a notorious Russian ransomware gang. Conti, one of the world's most infamous cybercriminal operations, was allegedly the victim of an attempted scam by someone pretending to be an officer of Russia's Federal Security Service (FSB). According to a report by Russian news outlet RBC, a Moscow resident named Ruslan Satuchin allegedly contacted a member of the Conti cybercriminal group in September 2022, and claimed to have influence over law enforcement's investigation into the gang. Satuchin is alleged to have made a simple offer to Conti: pay up, or face criminal consequences. The irony that a ransomware group with a history of extorting money from hacked organisations was itself being extorted is surely not lost on anybody. Satuchin has denied any wrongdoing, and he is reportedly being held in pre-trial detention in Moscow after police argued successfully that he should remain in custody to avoid the possibility of witness intimidation. If convicted, Satuchin faces up to ten years in prison and a fine of up to one million rubles (approximately US $13,000) At its peak, Conti was a professional cybercriminal enterprise, earning eye-watering amounts of money by blackmailing organisations including governments, businesses, and hospitals worldwide. The Irish Health Service Executive alone estimated recovery costs from a Conti attack in 2021 at over US $600 million after it was hit in 2021. The inner workings of the Conti group were revealed in 2022 when a pro-Ukraine researcher published tens of thousands of the gang's leaked chat logs, source code, and infrastructure documents. That data reinforced long-standing suspicions that the Conti group deliberately avoided Russian targets, and aligned itself with the interests of the Kremlin. Which makes the idea of someone impersonating an FSB officer to shake them down all the more remarkable. You'd need extraordinary nerve — or extraordinary naivety — to try blackmailing a criminal organisation that many believed enjoyed protection from the Russian state. After the leak, Conti largely collapsed - although individuals associated with the wider network are thought to have moved to other ransomware operations including Royal, Black Basta, and Akira. In 2023, sanctions brought by the United States and UK formally named key members linked to Conti. Conti's victims paid a heavy price for the gang's activities. It is, at least, mildly satisfying to learn that even ransomware gangs occasionally find themselves on the receiving end of someone else's scheme. TAGS industry news AUTHOR Graham CLULEY Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s. View all posts RIGHT NOW TOP POSTS SCAM HOW TO Scammer phone number lookup. How to check if a phone number is a scam April 19, 2024 FAMILY SAFETY How to Outsmart AI Voice Scammers Pretending to Be Your Family March 03, 2026 SCAM DIGITAL PRIVACY HOW TO How scammers gain access and hack your WhatsApp account and what you can do to protect yourself May 01, 2024 INDUSTRY NEWS 200,000 naked Snapchat images leaked, after third-party hack October 13, 2014 FOLLOW US ON SOCIAL MEDIA YOU MIGHT ALSO LIKE INDUSTRY NEWS $10,000 bounty offered if you can hack Ring cameras to stop them sharing your data with Amazon Graham CLULEY February 25, 2026 INDUSTRY NEWS Spanish police say they have arrested hacker who booked luxury hotel rooms for just one cent Graham CLULEY February 20, 2026 INDUSTRY NEWS They seized $4.8m in crypto... then gave the master key to the internet Graham CLULEY March 03, 2026 BOOKMARKS You have no bookmarks yet. Tap to read it later.