Statements (29)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cyber threat group
|
| gptkbp:activeYearsStart |
2019
|
| gptkbp:alsoKnownAs |
gptkb:Wizard_Spider
|
| gptkbp:associatedWith |
gptkb:Conti_ransomware
gptkb:TrickBot_malware gptkb:Ryuk_ransomware |
| gptkbp:connectsTo |
Eastern European cybercriminal ecosystem
|
| gptkbp:countryOfOrigin |
gptkb:Russia
|
| https://www.w3.org/2000/01/rdf-schema#label |
UNC1878
|
| gptkbp:industry |
gptkb:government
financial services healthcare |
| gptkbp:infrastructure |
gptkb:Anchor_DNS
malicious email campaigns |
| gptkbp:motive |
financial gain
|
| gptkbp:notableBattle |
gptkb:Universal_Health_Services_ransomware_attack_(2020)
attack on Fortune 500 companies |
| gptkbp:tactics |
phishing
malware distribution ransomware deployment |
| gptkbp:trackedBy |
gptkb:CrowdStrike
gptkb:FireEye gptkb:Mandiant |
| gptkbp:uses |
gptkb:PowerShell
gptkb:Cobalt_Strike gptkb:Anchor_malware gptkb:TrickBot |
| gptkbp:bfsParent |
gptkb:Wizard_Spider_group
|
| gptkbp:bfsLayer |
6
|