Wizard Spider group

GPTKB entity

Statements (61)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2014
gptkbp:alsoKnownAs gptkb:Lunar_Spider
gptkb:Wizard_Spider
gptkbp:associatedWith gptkb:Conti_group
gptkb:TrickBot_gang
gptkbp:connectsTo gptkb:Gold_Blackburn
gptkb:Gold_Ulrick
gptkb:UNC1878
gptkbp:countryOfOrigin gptkb:Russia
https://www.w3.org/2000/01/rdf-schema#label Wizard Spider group
gptkbp:mainLanguage gptkb:Russian
gptkbp:motive financial gain
gptkbp:notableBattle gptkb:attack_on_Ireland's_Health_Service_Executive_(2021)
gptkb:attack_on_Universal_Health_Services_(2020)
gptkbp:notableFor gptkb:Conti_ransomware
gptkb:BazarLoader_malware
gptkb:TrickBot_malware
gptkb:Ryuk_ransomware
gptkbp:status active
gptkbp:target gptkb:government_agency
healthcare organizations
financial institutions
large enterprises
gptkbp:technique phishing
malware distribution
data exfiltration
credential theft
lateral movement
ransomware deployment
gptkbp:usesMalware gptkb:Ryuk
gptkb:Cobalt_Strike
gptkb:Conti
gptkb:Anchor
gptkb:BazarBackdoor
gptkb:Sidoh
gptkb:TrickBot_Anchor
gptkb:TrickBot_Anchor_DNS
gptkb:TrickBot_PowerTrick
gptkb:TrickBot_TrickBooster
gptkb:TrickBot_TrickBotWebinjectDLL
gptkb:TrickBot_TrickBotWebinjectExe
gptkb:TrickBot_TrickBotWebinjectService
gptkb:TrickBot_TrickBotWebinjectTask
gptkb:TrickBot_TrickLoader
gptkb:BazarLoader
gptkb:TrickBot
TrickBot BokBot
TrickBot TrickBotDLL
TrickBot TrickBotExe
TrickBot TrickBotLoader
TrickBot TrickBotService
TrickBot TrickBotTask
TrickBot TrickBotWebinject
TrickBot TrickBotWebinjectWebinject
TrickBot TrickBotWebinjectWebinjectDLL
TrickBot TrickBotWebinjectWebinjectExe
TrickBot TrickBotWebinjectWebinjectService
TrickBot TrickBotWebinjectWebinjectTask
gptkbp:bfsParent gptkb:Conti
gptkbp:bfsLayer 5