Conti ransomware operations

GPTKB entity

Statements (32)
Predicate Object
gptkbp:instanceOf cybercrime operation
gptkbp:affects hundreds of organizations worldwide
gptkbp:associatedWith gptkb:Russia
gptkbp:beganIn 2019
gptkbp:connectsTo gptkb:Ryuk_ransomware_group
gptkbp:connectsTo gptkb:Wizard_Spider
gptkbp:demandedRansomIn gptkb:Bitcoin
gptkbp:disbanded 2022
https://www.w3.org/2000/01/rdf-schema#label Conti ransomware operations
gptkbp:leakedBy gptkb:ContiLeaks
gptkbp:notableBattle Costa Rican government 2022
gptkbp:notableBattle Irish Health Service Executive (HSE) 2021
gptkbp:notableFor data theft
gptkbp:notableFor double extortion tactics
gptkbp:notableFor demanding cryptocurrency ransom
gptkbp:perpetrator gptkb:Conti_ransomware_group
gptkbp:prompted international law enforcement response
gptkbp:publishedVictimDataOn gptkb:Conti_News_leak_site
gptkbp:resultedIn significant financial losses
gptkbp:supportedBy gptkb:Russian_invasion_of_Ukraine
gptkbp:target gptkb:government_agency
gptkbp:target educational institutions
gptkbp:target healthcare organizations
gptkbp:target corporate networks
gptkbp:technique gptkb:Cobalt_Strike
gptkbp:technique gptkb:living_off_the_land_binaries_(LOLBins)
gptkbp:technique phishing emails
gptkbp:technique RDP brute force
gptkbp:technique malware loaders
gptkbp:usesMalware gptkb:Conti_ransomware
gptkbp:bfsParent gptkb:BazarBackdoor
gptkbp:bfsLayer 7