gptkbp:instanceOf
|
cybercrime
|
gptkbp:activeYearsStart
|
2016
|
gptkbp:alsoKnownAs
|
gptkb:Gold_Blackburn
gptkb:UNC1878
|
gptkbp:associatedWith
|
gptkb:Grim_Spider
gptkb:Conti_ransomware_group
gptkb:Gold_Blackburn
gptkb:UNC1878
|
gptkbp:connectsTo
|
gptkb:Grim_Spider
gptkb:Conti_ransomware_group
gptkb:Ryuk_ransomware_group
gptkb:TrickBot_group
gptkb:UNC1878
gptkb:FIN12
|
gptkbp:countryOfOrigin
|
gptkb:Russia
|
gptkbp:criminalActivity
|
phishing
extortion
malware distribution
data theft
ransomware attacks
credential theft
botnet operations
|
https://www.w3.org/2000/01/rdf-schema#label
|
Wizard Spider
|
gptkbp:mainLanguage
|
gptkb:Russian
|
gptkbp:notableBattle
|
gptkb:attack_on_Ireland's_Health_Service_Executive_(2021)
gptkb:attack_on_Universal_Health_Services_(2020)
attack on Costa Rica government (2022)
attack on US hospitals (2020)
|
gptkbp:notableFor
|
gptkb:Conti_ransomware
gptkb:BazarLoader_malware
gptkb:TrickBot_malware
gptkb:Ryuk_ransomware
|
gptkbp:notableTool
|
gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarLoader
gptkb:TrickBot
|
gptkbp:status
|
active
|
gptkbp:suspectedLocation
|
gptkb:Moscow,_Russia
gptkb:Saint_Petersburg,_Russia
|
gptkbp:target
|
gptkb:government
education sector
healthcare sector
government organizations
|
gptkbp:usesMalware
|
gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarBackdoor
gptkb:Sidoh
gptkb:BazarLoader
gptkb:TrickBot
|
gptkbp:bfsParent
|
gptkb:Ryuk_ransomware
gptkb:Wizard_Spider_group
|
gptkbp:bfsLayer
|
6
|