Statements (29)
Predicate | Object |
---|---|
gptkbp:instanceOf |
cyber threat group
|
gptkbp:activeYearsStart |
2019
|
gptkbp:alsoKnownAs |
gptkb:Wizard_Spider
|
gptkbp:associatedWith |
gptkb:Conti_ransomware
gptkb:TrickBot_malware gptkb:Ryuk_ransomware |
gptkbp:connectsTo |
Eastern European cybercriminal ecosystem
|
gptkbp:countryOfOrigin |
gptkb:Russia
|
https://www.w3.org/2000/01/rdf-schema#label |
UNC1878
|
gptkbp:industry |
gptkb:government
financial services healthcare |
gptkbp:infrastructure |
gptkb:Anchor_DNS
malicious email campaigns |
gptkbp:motive |
financial gain
|
gptkbp:notableBattle |
gptkb:Universal_Health_Services_ransomware_attack_(2020)
attack on Fortune 500 companies |
gptkbp:tactics |
phishing
malware distribution ransomware deployment |
gptkbp:trackedBy |
gptkb:CrowdStrike
gptkb:FireEye gptkb:Mandiant |
gptkbp:uses |
gptkb:PowerShell
gptkb:Cobalt_Strike gptkb:Anchor_malware gptkb:TrickBot |
gptkbp:bfsParent |
gptkb:Wizard_Spider_group
|
gptkbp:bfsLayer |
6
|