This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles
This article is within the scope of WikiProject Crime and Criminal Biography, a collaborative effort to improve the coverage of Crime and Criminal Biography articles on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Crime and Criminal BiographyWikipedia:WikiProject Crime and Criminal BiographyTemplate:WikiProject Crime and Criminal BiographyCrime-related articles
This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles
Latest comment: 6 months ago4 comments3 people in discussion
Perhaps both? Relation to Wizard Spider? The article currently includes material on both the malware and an eponymous group. Yet the hatnote and article name would suggest malware. --Palosirkka (talk) 05:51, 17 April 2022 (UTC)Reply
I agree that it refers to both - I think originally it was about the malware, but drifted to include both. I'm not sure what a suitable new name would be - perhaps a separate page for the Conti Group? Autarch (talk) 16:20, 21 May 2022 (UTC)Reply
Looked into this myself today. Found several sources which corroborate that it is primarily a family of ransomware variants, as well as a Ransomware as a Service (RaaS) operation made up of a core group (likely Wizard Spider since they developed it originally) and "recruited affiliates" which help with specific, but peripheral parts of the operation.
This info is from MITRE ATT&CK (publicly available framework for tracking threat actor groups, as well as malware like Conti) and CISA (US government agency).
All that being said, I think it is primarily malware. But because Wizard Spider offers Ransomware as a service which employs Conti (as seen in the TTPs discovered by forensic/ threat intelligence teams during and after an incident), it is often referred as a 'group' in articles etc..
I think calling it a 'group' is erroneous since it is not a hacking 'group' in the same way that, say, Wizard Spider or APT19 is a group.
