|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2014
|
|
gptkbp:alsoKnownAs
|
gptkb:Lunar_Spider
gptkb:Wizard_Spider
|
|
gptkbp:associatedWith
|
gptkb:Conti_group
gptkb:TrickBot_gang
|
|
gptkbp:connectsTo
|
gptkb:Gold_Blackburn
gptkb:Gold_Ulrick
gptkb:UNC1878
|
|
gptkbp:countryOfOrigin
|
gptkb:Russia
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
Wizard Spider group
|
|
gptkbp:mainLanguage
|
gptkb:Russian
|
|
gptkbp:motive
|
financial gain
|
|
gptkbp:notableBattle
|
gptkb:attack_on_Ireland's_Health_Service_Executive_(2021)
gptkb:attack_on_Universal_Health_Services_(2020)
|
|
gptkbp:notableFor
|
gptkb:Conti_ransomware
gptkb:BazarLoader_malware
gptkb:TrickBot_malware
gptkb:Ryuk_ransomware
|
|
gptkbp:status
|
active
|
|
gptkbp:target
|
gptkb:government_agency
healthcare organizations
financial institutions
large enterprises
|
|
gptkbp:technique
|
phishing
malware distribution
data exfiltration
credential theft
lateral movement
ransomware deployment
|
|
gptkbp:usesMalware
|
gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarBackdoor
gptkb:Sidoh
gptkb:TrickBot_Anchor
gptkb:TrickBot_Anchor_DNS
gptkb:TrickBot_PowerTrick
gptkb:TrickBot_TrickBooster
gptkb:TrickBot_TrickBotWebinjectDLL
gptkb:TrickBot_TrickBotWebinjectExe
gptkb:TrickBot_TrickBotWebinjectService
gptkb:TrickBot_TrickBotWebinjectTask
gptkb:TrickBot_TrickLoader
gptkb:BazarLoader
gptkb:TrickBot
TrickBot BokBot
TrickBot TrickBotDLL
TrickBot TrickBotExe
TrickBot TrickBotLoader
TrickBot TrickBotService
TrickBot TrickBotTask
TrickBot TrickBotWebinject
TrickBot TrickBotWebinjectWebinject
TrickBot TrickBotWebinjectWebinjectDLL
TrickBot TrickBotWebinjectWebinjectExe
TrickBot TrickBotWebinjectWebinjectService
TrickBot TrickBotWebinjectWebinjectTask
|
|
gptkbp:bfsParent
|
gptkb:Conti
|
|
gptkbp:bfsLayer
|
5
|