Wizard Spider

URI: https://gptkb.org/entity/Wizard_Spider
GPTKB entity
Statements (56)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2016
gptkbp:alsoKnownAs gptkb:Gold_Blackburn
gptkb:UNC1878
gptkbp:associatedWith gptkb:Grim_Spider
gptkb:Conti_ransomware_group
gptkb:Gold_Blackburn
gptkb:UNC1878
gptkbp:connectsTo gptkb:Grim_Spider
gptkb:Conti_ransomware_group
gptkb:Ryuk_ransomware_group
gptkb:TrickBot_group
gptkb:UNC1878
gptkb:FIN12
gptkbp:countryOfOrigin gptkb:Russia
gptkbp:criminalActivity phishing
extortion
malware distribution
data theft
ransomware attacks
credential theft
botnet operations
https://www.w3.org/2000/01/rdf-schema#label Wizard Spider
gptkbp:mainLanguage gptkb:Russian
gptkbp:notableBattle gptkb:attack_on_Ireland's_Health_Service_Executive_(2021)
gptkb:attack_on_Universal_Health_Services_(2020)
attack on Costa Rica government (2022)
attack on US hospitals (2020)
gptkbp:notableFor gptkb:Conti_ransomware
gptkb:BazarLoader_malware
gptkb:TrickBot_malware
gptkb:Ryuk_ransomware
gptkbp:notableTool gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarLoader
gptkb:TrickBot
gptkbp:status active
gptkbp:suspectedLocation gptkb:Moscow,_Russia
gptkb:Saint_Petersburg,_Russia
gptkbp:target gptkb:government
education sector
healthcare sector
government organizations
gptkbp:usesMalware gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarBackdoor
gptkb:Sidoh
gptkb:BazarLoader
gptkb:TrickBot
gptkbp:bfsParent gptkb:Ryuk_ransomware
gptkb:Wizard_Spider_group
gptkbp:bfsLayer 6