I bet it’s already happened! There are lots of ransomware gangs and only so many potential victims. Different gangs’ “products” will delete other gangs’ malware. They almost certainly hack each other.

Imagine being upset your don’t get a big enough cut of someone else’s stolen money. This world sucks.

I think all that stuff having to do with Conti is in the past tense now.

Although like certain businesses do, they may return under a different branding.

Although attributing ransomware is difficult, everything that has been leaked and is public suggests most of the perpetrators are in CSTO (i.e. Russia-allied) countries that actually at least informally encourage attacks on non-CSTO countries. Leaked policies from criminal organisations suggest they generally do not target victims in CSTO countries. CSTO countries rarely have extradition treaties outside the CSTO - no CSTO country has an extradition treaty with the United States, for example. Sometimes authorities do work together when they are aligned despite the absence of a treaty (e.g. Armenia has extradited to the US before) - but that is unlikely to happen for ransomware criminals that only target victims outside the CSTO.

So I don't think they need immunity from their own government, and they don't fear extradition as long as they don't go to a non-CSTO country. Sometimes they do travel overseas and find out that the government tolerance for their activities doesn't extend outside the CSTO.

Data leaks from criminal organisations to non-CSTO governments (in combination with things the governments collect themselves and share) are likely very helpful in ensuring the criminals are likely to be picked up if they do travel.

> Even if you’re not American, if your government has given you immunity, I don’t think you can be extradited for the same crime. Your government would just refuse the request.

Depends which government it is! Some of them absolutely would.