Talk:Conti (ransomware)
Appearance
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Ransomware or a ransomware group?
[edit]Perhaps both? Relation to Wizard Spider? The article currently includes material on both the malware and an eponymous group. Yet the hatnote and article name would suggest malware. --Palosirkka (talk) 05:51, 17 April 2022 (UTC)
- I agree that it refers to both - I think originally it was about the malware, but drifted to include both. I'm not sure what a suitable new name would be - perhaps a separate page for the Conti Group? Autarch (talk) 16:20, 21 May 2022 (UTC)
- Admittedly, I'm not 100% sure if Wizard Spider and the Conti Group are the same or merely overlap in some members.Autarch (talk) 16:22, 21 May 2022 (UTC)
- Hello,
- Looked into this myself today. Found several sources which corroborate that it is primarily a family of ransomware variants, as well as a Ransomware as a Service (RaaS) operation made up of a core group (likely Wizard Spider since they developed it originally) and "recruited affiliates" which help with specific, but peripheral parts of the operation.
- This info is from MITRE ATT&CK (publicly available framework for tracking threat actor groups, as well as malware like Conti) and CISA (US government agency).
- All that being said, I think it is primarily malware. But because Wizard Spider offers Ransomware as a service which employs Conti (as seen in the TTPs discovered by forensic/ threat intelligence teams during and after an incident), it is often referred as a 'group' in articles etc..
- I think calling it a 'group' is erroneous since it is not a hacking 'group' in the same way that, say, Wizard Spider or APT19 is a group.
- I tried to reflect this in my recent edit. AnaisCarver (talk) 23:17, 31 May 2024 (UTC)
Should the Known Targets section add Costa Rica institutions?
[edit]They have been attacked for the past month or so. The attack was directed at the Institution responsible for the Treasury — Preceding unsigned comment added by 201.198.177.255 (talk) 05:16, 19 May 2022 (UTC)
Categories:
- Start-Class Computing articles
- Low-importance Computing articles
- Start-Class software articles
- Low-importance software articles
- Start-Class software articles of Low-importance
- All Software articles
- Start-Class Computer Security articles
- Low-importance Computer Security articles
- Start-Class Computer Security articles of Low-importance
- All Computer Security articles
- All Computing articles
- Start-Class Crime-related articles
- Low-importance Crime-related articles
- WikiProject Crime and Criminal Biography articles
- Start-Class Internet articles
- Low-importance Internet articles
- WikiProject Internet articles