C0015

C0015C0015

ATT&CK
14.1
References
2

Description

[C0015](https://attack.mitre.org/campaigns/C0015) was a ransomware intrusion during which the unidentified attackers used [Bazar](https://attack.mitre.org/software/S0534), [Cobalt Strike](https://attack.mitre.org/software/S0154), and [Conti](https://attack.mitre.org/software/S0575), along with other tools, over a 5 day period. Security researchers assessed the actors likely used the widely-circulated [Conti](https://attack.mitre.org/software/S0575) ransomware playbook based on the observed pattern of activity and operator errors.(Citation: DFIR Conti Bazar Nov 2021)

References

  1. https://attack.mitre.org/campaigns/C0015
  2. https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Campaign
C0018
Software
Conti
Campaign
C0017
Campaign
C0021
Software
CTF
Software
Bazar
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.