Badbullz

Badbullz is a malicious software (malware) that poses significant threats to computer systems and user data. It is associated with two threat actors, known by their aliases "LUCKY" and "Chuck from Montreal". The duo utilized the Badbullz and Badbullzvenom accounts to exploit unsuspecting victims, infecting systems through suspicious downloads, emails, or websites. Once the malware infiltrates a system, it can steal personal information, disrupt operations, or even hold user data for ransom. The association between LUCKY and Chuck was established around 2013 on an underground forum where they brokered a deal allowing LUCKY to operate under Chuck's aliases, "badbullz" and "badbullzvenom". This arrangement provided LUCKY with a clean slate, enabling him to build credibility under these account aliases and continue his malicious activities without arousing suspicion. Jack, another suspect in this case, is believed to have interacted with Chuck sometime between late 2012 and October 4, 2013. LUCKY's downfall came about when he used a Jabber account linked to his alias. Researchers discovered a message posted from Chuck's badbullz account on the Lampeduza forum dated October 4, 2013, which contained contact information associated with LUCKY. This critical error exposed the connection between LUCKY and the badbullz and badbullzvenom accounts, shedding light on the operations of this cybercriminal network.