ContFR, commonly known as the Conti ransomware group, emerged in December 2019 and is understood to be operated by the Russia-based hacking group 'Wizard Spider'. Initially observed under this pseudonym, Conti rapidly evolved into a prolific Ransomware-as-a-Service (RaaS) operation, distinguished by its unique affiliate payment model where deployers received fixed wages rather than a percentage of ransom payments. The group's primary motivation was financial gain through extensive cyberattacks and data extortion. Conti gained notoriety for its exceptionally fast, multi-threaded encryption using AES-256 and its aggressive double extortion tactics, which involved encrypting victims' data and threatening to publish exfiltrated sensitive information on a dedicated leak site. While the Conti brand formally dissolved around May 2022, its underlying codebases, operational methodologies, and some members subsequently splintered and influenced other significant ransomware ecosystems.