Conti

GPTKB entity

Statements (52)
Predicate Object
gptkbp:instanceOf ransomware group
gptkbp:affiliatedWith multiple criminal groups
gptkbp:associatedWith gptkb:Russia
gptkbp:connectsTo gptkb:Ryuk_ransomware
gptkb:Wizard_Spider_group
gptkbp:disbanded 2022
gptkbp:firstAppearance 2020
https://www.w3.org/2000/01/rdf-schema#label Conti
gptkbp:language gptkb:Russian
gptkbp:leakSite gptkb:Conti_News
gptkbp:notableFor aggressive negotiation tactics
large ransom demands
public data leaks
targeting construction sector
targeting critical infrastructure
targeting education sector
targeting energy sector
targeting financial services
targeting healthcare sector
targeting insurance companies
targeting large enterprises
targeting law enforcement agencies
targeting legal firms
targeting logistics companies
targeting manufacturing sector
targeting municipalities
targeting non-profits
targeting retail companies
targeting small and medium businesses
targeting technology companies
threatening victims with media exposure
gptkbp:notoriousAttack gptkb:Costa_Rica_government_2022
gptkb:Ireland_Health_Service_Executive_(HSE)_2021
gptkbp:operatesIn cybercrime
gptkbp:ransomwareType gptkb:RaaS_(Ransomware-as-a-Service)
human-operated
gptkbp:requires ransom payments in cryptocurrency
gptkbp:sourceCodeLeaked 2022
gptkbp:supportedBy gptkb:Russian_government_during_2022_Ukraine_invasion
gptkbp:target gptkb:Europe
gptkb:Latin_America
gptkb:United_States
government organizations
corporate networks
gptkbp:uses gptkb:Cobalt_Strike
gptkb:BazarLoader
gptkb:TrickBot
phishing emails
RDP brute force
double extortion tactics
gptkbp:bfsParent gptkb:malware
gptkbp:bfsLayer 4