Offered under a malware-as-a-service (MaaS) model since 2018,
Golden Chickens has been used by the Russia-based Cobalt Group and FIN6 cybercrime rings to target organizations in various industries, causing financial losses or more than $1.4 billion.
Golden Chickens has been primarily used to steal banking information and credit card data, targeting the online payment systems of organizations in the accounting, aviation, insurance, legal, energy, and food industries.
Following an August 2022 report detailing the whereabouts of
‘Chuck from Montreal’, one of the threat actors behind the Golden Chickens MaaS, eSentire now claims to have
discovered the identity of ‘Jack’, the second developer of the malware. The Golden Chickens operator is tracked as Venom Spider.
According to the security firm, the true mastermind behind Golden Chickens is, in fact, Jack, who has been active on cybercrime forums since 2008, when he was 15, and who built a reputation for himself under multiple aliases.
A Romanian living in Bucharest, Jack started his career with password stealers, then moved to crypters, and a malicious document builder that he improved with a JavaScript backdoor and a password stealer. In 2017, he launched Golden Chickens.
malwaretips.com
