Skip to content

Hide Navigation Hide TOC

Conti (8e995c29-2759-4aeb-9a0f-bb7cd97b06e5)

Conti is a Ransomware-as-a-Service (RaaS) that was first observed in December 2019. Conti has been deployed via TrickBot and used against major corporations and government agencies, particularly those in North America. As with other ransomware families, actors using Conti steal sensitive files and information from compromised networks, and threaten to publish this data unless the ransom is paid.[Cybereason Conti Jan 2021][CarbonBlack Conti July 2020][Cybleinc Conti January 2020]

Cluster A Galaxy A Cluster B Galaxy B Level
Conti (8e995c29-2759-4aeb-9a0f-bb7cd97b06e5) Tidal Software FIN12 (6d6ed42c-760c-4964-a81e-1d4df06a8800) Tidal Groups 1
Conti (8e995c29-2759-4aeb-9a0f-bb7cd97b06e5) Tidal Software Wizard Spider (0b431229-036f-4157-a1da-ff16dfc095f8) Tidal Groups 1