CyberWire Daily - Conti-versal opinions. [Research Saturday]
Episode Date: July 11, 2026Today we are joined by Geoff White, host of Cyber Hack and BBC journalist, taking a deep dive into the Conti ransomware gang. Geoff explores an in-depth investigation into the notorious Conti ransomwa...re gang, drawing from thousands of leaked internal messages to reveal how the group operated behind the scenes. The research uncovers surprising internal debates over targeting healthcare organizations, the fallout from accidentally exposing sensitive Saudi royal family data, and frantic efforts to free an arrested gang member. It also offers a rare look at Conti leader Vitaliy Kovalev through newly uncovered video footage, providing an unprecedented glimpse into one of cybercrime's most influential figures. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
If you are heading to Blackhead USA this year, make plans to visit the SpectorOps Kennel Club.
As the creators of Bloodhound, the SpectorOps team will host talks, workshops, and hands-on sessions aimed at helping you understand AI accelerated attack paths, the latest identity tradecraft, and how to build your own OpenGraph collector.
Visit specterops.io to pre-register and learn more.
While you're at the Spectorops Kennel Club, visit the N2K Cyberwire podcast studio,
where we'll be capturing expert perspectives and conversations from across Black Hat.
We'll see you there.
AI is making fishing attacks faster, more convincing, and harder for people to spot,
and traditional security awareness and fishing training weren't designed for this level of attack.
Huxhunt helps security teams prepare employees for the attacks they face every day,
with personalized fishing training that adapts to each employee and reduces risky behavior over time.
For IT and security leaders looking to strengthen their human layer of defense,
without adding more manual work, visit hoxhunt.com slash cyberwire to learn more.
That's H-O-X-H-U-N-T dot com slash cyberwire.
Hello everyone and welcome to the CyberWires Research Saturday.
I'm Dave Bittner, and this is our weekly conversation with researchers and analysts
tracking down the threats and vulnerabilities,
solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.
Thanks for joining us.
Well, firstly, as a lot of your listeners will know,
Conti were at one stage the preeminent ransomware group in the world.
But the thing that really appealed about Conti was that, for reasons I'm sure we'll go
into in this podcast, a huge trove of their insider internal secret communications was leaked onto the
internet, just publicly leaked. We're talking something in the order in the end of 350,000 messages.
That's Jeff White, BBC journalist and host of Cyberhack. Today we're taking a deep dive into his
research into the Conti ransomware gang. And the reason that's so of interest to someone like
me, sort of an investigative journalist, is that to tell a story, you really need to.
three things. You need a victim and a villain and a hero. That's the classic thing. Now, heroes
often want to tell their story when they've had a good experience. Victims, increasingly,
we can convince them to talk and to talk about what's happened to them. But villains, actually
hearing from villains is quite hard. You get sometimes people who used to be a villain but have
now gone straight who can talk about it or someone maybe who's in prison who got caught. What's
amazing about these leaks from inside Conti is it was the villains talking at the time they were doing
the crimes when they had no idea these communications were going to be public in the end.
You really get to feel like you're inside the room with the guys.
It's incredible. It really is incredible.
How do you go at such a huge trove of information here?
How do you organize it and make it digestible?
The simple answer is you don't and you can't.
And that's one of the frustrations of this.
I mean, look, I know what your listeners will be thinking.
You'll maybe thinking it yourself, Dave, as well.
just use AI. You know, use AI. It'll be ill-sorted all out. There's a couple of problems with that.
I mean, firstly, it's a vast trove information. I mean, 300,000 messages. I don't know how much it would
cost to put that all into an AI engine, but I don't have that money. The other thing is that this is
all, because the Conti gang were largely based, or at least the leadership's largely based, we believe,
in Russia. These chats were all in Cyrillic. Now, translation engines do not do well with Cyrillic.
So one of the examples is, you know, in the leaks, they keep talking about the kubal,
you know, like a sort of snooker or pool or, you know, a billion ball.
And I couldn't understand why they kept talking about kubles all the time.
And it turns out it's a mistranslation.
In Russian, Bitcoin is Bitcoin.
But the N in Cyrillic looks like a V.
So when the translations engines translate it, they translated as Bitkov, which is kubal.
So immediately you start to run into problems.
And the other thing, of course, is these guys are using hackers.
slang, criminal slang. So again, they keep talking about the grandmas in the conversations,
who's got the grandmas? And I couldn't understand why they're all obsessed with their
grandmas. But then it turns out that in Russian, obviously, grandmas, Babushka, and there's
some word, I forget the exact word, but something like Babia or something, which means cash or money.
So whenever they talk about who's got the grandmas, they're talking about who's got the money.
So immediately, just using an AI engine just wouldn't work. And the other thing is, for me,
as an investigative journalist, I want to get up close and personal with these guys.
I really want to understand who they are.
And it's only once you've read, and I've read,
I think I'm up to 47,000 of these messages so far,
it's only when you're at that stage that you really feel like you know them,
you understand them, you hear their voices and who they are.
It's almost like you have to contend with Cockney-Riming slang.
It's very similar.
I watched a film yesterday about a very famous jewelry heist in the UK,
the Hatton Garden Jewelry Heist,
which was perpetrated by some very old script.
old-school crooks who talked in cockney rhyming slang. And yeah, you're exactly right.
It's not just all crime gangs. Lots of organizations have their own internal language, but it's
very similar, yeah. Well, let's talk about the organization itself. As you dug into these chats,
what picture emerged of how Conti actually operates day to day?
Again, it's fascinating reading through these chats because, yes, there is gossip about what
they're going to spend their money on, and there's a lot of bitching goes on, a lot of backbiting
goes on in the Conti organization. H hackers can be quite bitchy people. But really what they're
doing fundamentally day to day is trying to work out how they can expand and scale and develop
their business. I have a theory about Conti, which is that, and actually a lot of ransomware gangs,
these are not stupid people. I mean, ransomware is not an easy thing to do by any stretch of imagination.
To wake up as an intelligent person every day and extort people is hard because you have to really
get close to your victim. You've got to really put some pressure on them. I don't think intelligent
people are easily able to do that. So I think what happened with the Conti gang is they ended up,
certainly some in the team, reframing what they did as business. It's like, okay, I have a client list.
I've got to hit my client list today. I've got to negotiate with this person. I've got to
meet that person. I'm juggling this client. It just being a business was what was a way to scale
it and make money, but being a business was also a way, I think, psychologically, to just keep doing
this quite horrible task day in, day out. And so that's what they're obsessed with.
And it was mundane stuff. I mean, I'll be honest with you, Dave,
one of the main things that they talk about obsessively day in, day out, is recruitment.
They cannot get enough people through the door.
They can't. And there's some solid logistical reasons for that.
You know, they can't advertise what they're doing openly.
They can't say, do you want to join a ransomware gang, you know,
put that on monster.com or, you know, Indeed or whatever.
So they had to be quite cagey.
And immediately, as soon as they reveal that this is actually something quite dodgy,
half the candidates just disappear.
They don't want to work for crime gangs.
So they have to recruit loads and loads of people initially
because at the end of the process,
they're only going to end up with a fraction of those people
really being able to work and work properly.
So they're just obsessed with getting bombs on seats.
It's really interesting.
And how much they pay these people,
what they tell them,
where staff management issues occupy a lot of time for Comte.
What does the power structure look like internally?
How are they organized?
That's a really good question.
And there is, and we explore this in the podcast, definitely a central power structure.
So the man who's behind all of this goes by the hacker nickname Stern.
Stern was the boss.
Stern had the money.
We can go into who he is alleged to be and why he's got money in a bit.
But he's also got some junior people.
There's a guy called Mango, who's kind of like the office manager.
It's a guy called Professor, who, as the name suggests, he does a lot of the coding.
He regards himself as a sort of champion coder.
And so there's all those people internally.
But what Conti struggled with, and one of the things that ended
up helping Conti's demise, if you like, was that it was a numbers game. The more victims they hit
with ransomware, the more money they made. So what they turned to was the affiliate network, effectively
franchising out the operation, making their malware available for other people to use. At that point,
that central team of people loses control of the brand. In the same way that, you know, McDonald's has
to keep a careful eye on what all its managers are doing so that the McDonald's brand is still, you know, reputable.
All those McDonald's restaurants all run by individual managers, their franchises.
Conti was a bit the same, but they weren't able to do it to the extent that McDonald's were able to do it.
Because juggling these people and controlling these affiliates became a huge headache.
So you've got a tight central structure, a tight product, but in trying to scale it, they ran into the problems franchise operation runs into.
Well, let's talk about the boss.
Who do you suppose was behind this?
As I say, there's a hacker nickname called Stern.
we see from the leaked chats from within Conti that we've been through, we see Stern as being the boss.
He's the guy with the money.
Always a shadowy figure.
It doesn't say a lot in the chat.
It's very terse, very, I'd say very Russian in his communications, doesn't say a lot.
You know, why use five words when one word will do?
But he's clearly in charge.
Now, when the leaks started happening and these leaks from Conti came out in the wake of the war against Ukraine,
when Russia, we invaded Ukraine in 2022.
someone in the gang was clearly sympathetic to the Ukrainian side. Conti declared their support
for Vladimir Putin's special operation, as he called it, and someone in the gang did not like
that. So that's how these chats get leaked. Someone, a Ukraine supporting person with access to the
chats, leaks the whole lot. So we see Stern in those conversations. Obviously, it wasn't just
journalists and researchers look at those chats. Every law enforcement agency worth its salt was
downloading the Conti leaks and trying to work out who was involved. Who was involved?
here. German police, the BCA, the German sort of federal police, looked into this. They put
this information together with intelligence they had, and they came out with a name, a man called
Vitali Kovalev, a Russian guy in his 30s, who they claim is the true face of Stern.
We have got actually quite a lot of information about Stern as part of the podcast. We rummaged
out videos on the internet where he appears. And it's quite disconcerting because he, you know,
In the podcast, I've sort of said, look, Stern is the kind of guy.
He looks like the kind of guy who, if you had a car crash or your car needed to push,
and you were looking around for somebody to help you,
Stern looks like the kind of guy who'd helped push your car.
He looks very friendly and cheery.
But actually, he's alleged to be behind this giant crime ring.
It's a very disconcerting thing, seeing him face to face.
Did we have any insights on his background, how he came to be in this position?
Well, yes. So it's interesting. I'm sure you found this, Dave, with cyber stories. They kind of get sometimes put together in hindsight. So one thing happens and then another thing happens and you end up looking back down the telescope. But what we believe about this character, Vitali Kovalev, who went on to become stern, is that he's got, according to law enforcement agencies, a very long career in cyber crime, starts out as part of a group called Zeus, who again, you and your listeners may be familiar with, you know, the malware from way back when. Kovalev is accused of,
of being part of the laundering network around Zeus,
was working in the US around the time under the nickname Bentley,
and effectively got his start, I think, there.
That's the accusation against him.
And then goes on to set up his own gang,
and then eventually goes on to head up Conti.
So that's the sort of genesis,
certainly putting the pieces together from the BCA,
the Department of Justice in the US,
and the National Crime Agency in the UK.
That's the timeline they sort of see.
And so you see this very, very long,
decade-long career,
if those allegations are correct in crime.
Do you have any sense for how the leadership of this group maintained order?
What could they hold against someone?
In terms of their victims, you mean, or their employees?
The employees.
Well, the employees, it's really interesting in that they have a certain amount of power
because they are creating the malware.
I mean, fundamentally at the heart of any ransomware operation is the ransomware,
the encryption software.
And what's interesting is my impression of those guys is,
They're coders that they exist to write very, very good code that encrypts lots of data very quickly.
That's your job.
But getting that ransomware onto a system, well, that involves sending phishing emails, potentially carrying out, you know, lagging operations where you phone up help desks and trick them into installing it.
You know, there's a whole sort of fishing social engineering side of this.
The coders in ransomware gangs are not necessarily the best at that.
So they outsource it, and this is the affiliate network, they outsource it to others.
And in terms of the control they exert, it's interesting.
There is, and I'm sure you've, this is not news to you,
there's a sort of pendulum swing that goes back and forwards in terms of power
between the affiliates and the ransomware operators.
The ransom operators need the affiliates to spread the stuff,
but the affiliates, they're the ones who actually end up infecting the victims
and making the money.
And actually the split of money, I think reflects that.
Often we've seen a split of money, 80% go into the affiliate,
and 20 going back to the ransomware gang.
That implies to me that the powers on the affiliate side and the ransomware gangs are in a competitive marketplace.
In fact, one of the gangs I was reading about today, Brian Krebs has been blogging about this,
the gentleman ransomware group was offering 90% to the affiliates.
So there's a marketplace.
And you see this in the chats.
You see this in the Conti chats.
They're talking about how much other gangs are offering, what split they're offering, can we compete?
It's competitive marketplace.
We'll be right back.
This episode is supported by Black Hat USA.
If you follow the research, you know a lot of it breaks on Black Hat stages.
Hundreds of peer-reviewed briefings, more than 100 hands-on trainings,
and the largest business hall in Black Hat's history.
Six days to learn the skills you'll need tomorrow.
August 1st to the 6th.
Use code Cyberwire for $200 off your briefings pass at blackhat.com.
We'll see you in Vegas.
In Toronto, every arrival is a statement, and nothing says it better than this.
Cadillac Optic was the number one selling luxury EV in Canada for 2025.
Find your rhythm across a seamless 33-inch display and an immersive 19-speaker AKG surround audio system.
This city demands agility and optic delivers with precision to make every drive extraordinary.
Let's take the Cadillac.
Find out more at Cadillac Canada.ca.
Luxury sales claim based on S&P Global Mobility Canadian New Vehicle Total Registrations for calendar year 2025 for the Cadillac definition of luxury.
One of the fascinating elements of your research involved the internal debates about targeting healthcare organizations.
Take us through that.
Yes, healthcare obviously is a very contentious target.
This is the point where cybercrime turns very, very real world effects indeed.
In the UK we had in the past year the first confirmed death as a result of a ransomware attack.
For the family that lost their family member, the idea that a cyber attack took your relative
life away, that's a horrific thing to contend with. And even if not that, we've seen operations,
very, very, very, very sensitive operations and very sought-after operations, you know, being
rescheduled. So it's not just the death, it's the suffering of people and the psychological
suffering. So healthcare's contentious. I think there's this sense that, oh, well, these ransomware gangs
don't care. They'll just hit hospitals. They've hit hospitals before. From what we see in the
Conti leaks, it's not that simple. There's a very wide,
range of opinions, all the way from people who, you know, in the case of some people in Conti,
one particular guy called Target, was extremely aggressive and basically deliberately hit hospitals
during the pandemic, knowing that at that stage it was likely those hospitals would want to pay up.
But you see all the way at the other end, you see other operators saying, we don't hit healthcare.
Now, questions about why that is, you know, is that a moral outlook and ethical standpoint?
Or do they just realize that if you attack a hospital, you're going to have a target on
back from every law enforcement agency in the world. I don't know. I don't know. I think it's probably
a bit of both. But healthcare certainly is an interesting one for them. And the other thing is that
certainly in the UK, very unlikely a healthcare operator in the UK would pay up. I mean,
we have the National Health Service. They generally don't pay. But obviously in the US,
well, I think you are, Dave. There are private hospitals who will pay. So again, knowing the nuances
of the territory you're attacking, that's not always something that ransomware gangs, no, I think.
there was another incident involving the Saudi royal family share that with us yes this was an astonishing
moment in the sort of evolution of conti the conti gang broke into a jeweler called graph the famous
graph diamonds company who sell obviously jewels to all sorts of very very rich famous people around the
world conti did what they always do which is scramble graphs data and then steal a bunch of data
the reason for that is if victims refuse to pay up to have their data unscrambled conti
would simply say, well, you may not want your data unscramble, maybe you've got a backup,
but we've also got your data and we'll leak it onto the internet if you don't pay.
This is a double extortion technique. Exactly what they did to Graf.
Graff played Harbour, did not want to pay, so Conti decided they would put the squeeze on the victim,
and they would start leaking some snippets of Graf's customer data that they'd stolen.
In that, Wars Data about famous people, Donald Trump, David Beckham, apparently were in there.
The Daily Mail wrote an article about this.
in the UK. Now, what the gang had not realized, Conti had not realized, was in amongst the data
leak that they put out, was data about the Saudi royal family. Now, there were people in the world
that you want to upset, and there were people that you don't, and I would definitely put the Saudis
in the latter camp. We don't know what happens next. What we do know because of the leaks is that
the Conti gang really, they really got scared about this, that there's talk about the fact you
could be disappeared, you know, as a result of this. You've up to
set some powerful people, they won't like this.
We then get an apology from the Conti gang to the Saudi royal family, individually, saying
we're very sorry for any inconvenience cause.
They then thanked the Daily Mail for pointing this out, which came as a big shock to
the Daily Mail journalist.
And then the Conti Gang said, we're very sorry, we'll, of course, delete the Saudi royal family's
data.
Now, thanks to the leaks, we know they did no such thing.
And in fact, there's a brilliant snippet, which was rummaged out by actually a private
tech security firm called Syjax, who went.
through some of the leaks with us and helped us with it. And they found this great snippet where one of
the gang members talks about the Saudi League and says, we can shake and shake with the shakes,
i.e., they've got the Shakes, the Saudi Shakes data, and they will shake them down later on. They'll
hang on to this data. So when they tell you they delete your data, these ransomai gangs,
they're almost certainly lying. Well, one more specific story. There was an arrest in Miami that got
the gang's attention. What was going on there? Yes. So again, the gang had to recruit.
and they had to be quite careful about how they recruited.
And with any organised crime enterprise,
you have a challenge about how many people you tell,
because the more people you tell, the more vulnerable you are.
So they would recruit people as sort of techies and coders initially
and then gradually inculcate them into the gang
and expose more to them.
One of the people they recruited was a woman called Alavita,
who's actually from Latvia.
She worked as a coder.
She thought it was just a remote work job.
She didn't really ask many questions.
she then realized over time this was a criminal operation.
She actually ended up in Suriname, for reasons that we go into in the podcast, it's quite weird.
Suriname's tiny country in South America.
The US government started looking into Conti, and with Alavita, they didn't have to do much research.
She had actually hosted some of the malware on her own website, alovita.n.l.
So finding her name wasn't that big of an investigation.
The US government tracked her down to Suriname, where unfortunately she and her partner had overstayed their visas.
So the US government said to the Suriname government, if you're tempted to extradite these people, could you fly them perhaps via Miami?
So Alavita gets a knock on the door one day, ends up in Miami, and is then under custody in the US.
Now, interesting, because of the leaks around Conti, we know what their reaction to this was.
Weirdly, it took them quite a while to notice this.
One of the gang members had to report to the senior management to stir.
And look, you do realize one of your people's been arrested.
They then go into emergency panic mode because they realize Alavit could spill all the secrets.
Or even if she just gives them the password, the conversations will be potentially on her laptop or her devices.
So they start working out.
How can they spring Allah out of prison?
And one of the big issues is they've got a lawyer.
They have a friendly lawyer in the US who knows the system.
But how do you pay the lawyer without your money being seized or tracked?
So they were trying to work out, like, have we got money in the US that we can somehow free up to pay this lawyer?
Because it's going to cost us hundreds of thousands.
So they kind of go into overdrive.
Now, we don't know what happens with that process in the end.
We do know Alavita was eventually convicted.
She'd by this point been in custody for quite some time.
So I think she got a couple of years was then put on a flight back to Riga, and is now back in Riga.
And actually, the German journalist managed to track her down an interviewer.
And we've spoken to that journalist for the podcast, and we've got snippets of Alla.
And she's, honestly, she's the classic criminal cutout, didn't ask many questions,
didn't really want to know, just happy to do the job.
And I don't know about you, Dave, I've come across in multiple cases where there's just
some person who just doesn't ask enough questions and they end up in a crime gang.
It's bizarre how often that happens.
I'm curious, you know, I think we all have an idea in our mind of what a cybercrime group
is like and the people who are involved with them.
as you were going through all of these messages,
did it challenge your assumptions about who these people were,
as you got to know them?
I'd always, it's a very common cliche in the business
to describe cybercrime as a business.
You know, in the cybersecurity industry,
oh, it's a business nine to five.
I'd always known that.
But it really did just bring it absolutely home to me,
the mundality of what they were doing,
you know, the staffing issues they had to deal with,
the fallouts between different team members,
oh, this person hasn't logged on,
or I'm having trouble with this software.
It's only when you've,
I've not thought of this before,
but it's only when you've read 47,000 messages,
quite a lot of which are very boring,
that you realize quite how mundane and business like this operation was.
They thought about the same stuff.
Every organization thinks about.
Recruitment, retention, strategy, reputation,
you know, these were all things that Conti thought about and thought about quite deeply. So,
yeah, I find that interesting. And I found that interesting juggling that against the fact that
they couldn't get away from the headwinds that a criminal operation still has. You can't
trust each other. You don't know who you're working with. People don't hang around because they
haven't signed contracts. They can flit at any time. They can flip on you at any time. So no matter
how business like Conti got, it still had the Achilles heel that a lot of crime gangs have,
the fact that you can't trust who you're working with.
Yeah.
As they ultimately unraveled, how does the information that you have, being able to look in
on these conversations, sort of in the rearview mirror, how does that inform your understanding
of what ultimately led to their downfall?
Well, the conversations between Conti members, the.
internal chats got leaks in February to March, 2022 as the war in Ukraine was starting to break out.
Conti did one last job, which was the government of Costa Rica, which is quite a step up.
They'd attacked local government before. They'd attacked big companies. But to go after an entire
government was quite a change. They did manage to take down parts of Costa Rica's government's
infrastructure, the treasury, import exports were affected, taxes, pensions, government payments to government
employees. And what was interesting was it wasn't just Conti. In the end, Costa Rica became a sort of
pylon of different groups. Now, what's interesting about that is we don't know why that happened,
because at that point the Conti gang had disintegrated largely. Max Smeets, who's an author who wrote an
academic, also who wrote a great book called Ransom War, has various theories for this. And I think he's done
a good job of summing them up. You know, was this last one song to say, well, you know, my
drop, we're out of here. Was this somebody trying to say, well, Conti's not gone, we're still here,
you can still use us? Was it a rogue affiliate who just went after a government? Had Conti at that
point merged into some kind of nation-state activity? We don't know. All we know is that's
the last one that's attributed under the Conti name. We think Conti's members went on to set up new
gangs, to become affiliates in other gangs. But that's the sort of the swan song, if you like,
of Conti, the death of Conti. After all this research, were there any particular things
that stayed with you personally?
The thing that really stayed me
with there was an interview
that we did with a woman
who is based in Ireland
and Conti in 2021
attacked the Irish
Health Service,
the National Health Service of Ireland,
did huge damage.
I mean, it was just,
it was absolute chaos there.
This woman had a very rare
form of cancer,
and she'd actually had the chemotherapy,
she'd largely beaten the cancer,
but there's a final course of radiotherapy.
I've never had this experience,
you know,
thankfully with a family member, but these operations are so precise that you need to target the
radiotherapy exactly the right bit. It was in her brain this particular cancer. And so she was
on the final stretch, but there were these final moments of, okay, I've got six appointments
left, and they'll do these exactly targeted, precise radiotherapy treatments, and then I'll be free.
I've beaten it, I'm done. And she gets the phone call to say, sorry, the operation's off.
And then she has the moment of looking at the doctors, writing down the coordinates for the
therapy treatment in pen, which would normally be on a computer, they had to type them in
manual into the computer because they'd lost the records. And she's looking and thinking,
if they get a coordinate wrong, this doesn't work, this treatment doesn't work. That's how close
to the wire you get. And so something like that, being something like that makes you realize,
we think of cyber attacks as often being quite spreadsheet, quite white collar, quite digital,
but real people really suffer. And that's not to mention all the people, a lot of people listen to this
podcast who deal with defending against this stuff who have to pull 18 hour days, seven days,
week to clear this mess up.
Our thanks to Jeff White, BBC journalist and host of CyberHack for joining us.
We'll have a link to his work on the Conti Ransomware Group in our show notes.
And that's Research Saturday, brought to you by N2K Cyberwire.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly
changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey and the show notes or send an email to Cyberwire at N2K.com.
This episode was produced by Liz Stokes.
We're mixed by Elliot Peltzman and Trey Hester.
Our executive producer is Jennifer Ibin.
Peter Kilpy is our publisher, and I'm Dave Bittner.
Thanks for listening.
We'll see you back here next time.
On July 16th, The Hawk lands on Netflix.
From the mind of Will Ferrell.
Oh, Mama, I'm back.
Come in love.
Comes a new original series.
Get ready, get ready.
That's it.
Did I stutter?
When an iconic pro golfer.
Lonnie?
Lonnie.
Hawk died!
Takes one last swing at greatness.
You were a big shot golfer.
I still am a big shot golfer.
No one.
Dad, I'm the Hawk now.
We'll stand in his way.
That's how it's done.
The Hawk, only on Netflix, July 16th.
