Badbullz

Malware updated 4 days ago (2024-11-29T14:25:44.721Z)
Badbullz is a malicious software (malware) that poses significant threats to computer systems and user data. It is associated with two threat actors, known by their aliases "LUCKY" and "Chuck from Montreal". The duo utilized the Badbullz and Badbullzvenom accounts to exploit unsuspecting victims, infecting systems through suspicious downloads, emails, or websites. Once the malware infiltrates a system, it can steal personal information, disrupt operations, or even hold user data for ransom.

The association between LUCKY and Chuck was established around 2013 on an underground forum where they brokered a deal allowing LUCKY to operate under Chuck's aliases, "badbullz" and "badbullzvenom". This arrangement provided LUCKY with a clean slate, enabling him to build credibility under these account aliases and continue his malicious activities without arousing suspicion. Jack, another suspect in this case, is believed to have interacted with Chuck sometime between late 2012 and October 4, 2013.

LUCKY's downfall came about when he used a Jabber account linked to his alias. Researchers discovered a message posted from Chuck's badbullz account on the Lampeduza forum dated October 4, 2013, which contained contact information associated with LUCKY. This critical error exposed the connection between LUCKY and the badbullz and badbullzvenom accounts, shedding light on the operations of this cybercriminal network.
Description last updated: 2024-05-04T20:36:59.814Z
Aliases
We are not currently tracking any aliases.