itman 1,659 Posted May 20, 2023 Share Posted May 20, 2023 (edited) Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware Quote May 20, 2023 Ravie Lakshmanan Cyber Crime / Ransomware The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a fatal operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom," the other being "Chuck from Montreal." eSentire characterized Jack as the true mastermind behind Golden Chickens. Evidence unearthed by the Canadian company shows that he is also listed as the owner of a vegetable and fruit import and export business. "Like 'Chuck from Montreal,' 'Jack' uses multiple aliases for the underground forums, social media, and Jabber accounts, and he too has gone to great lengths to disguise himself," eSentire researchers Joe Stewart and Keegan Keplinger said. "'Jack' has taken great pains to obfuscate the Golden Chickens malware, trying to make it undetectable by most [antivirus] companies, and strictly allowing only a small number of customers to buy access to the Golden Chickens MaaS." Golden Chickens (aka More_eggs) is a malware suite used by financially-motivated cybercrime actors such as Cobalt Group and FIN6. The threat actors behind the malware, also known as Venom Spider, operate under a malware-as-a-service (MaaS) model. The JavaScript malware is distributed via phishing campaigns and comes with several components to harvest financial information, perform lateral movement, and even drop a ransomware plugin for PureLocker called TerraCrypt. https://thehackernews.com/2023/05/meet-jack-from-romania-mastermind.html Edited May 21, 2023 by itman Link to comment Share on other sites More sharing options...
Recommended Posts