Badbullzvenom

Threat Actor updated 4 months ago (2024-05-13T11:17:43.631Z)
Badbullzvenom, a malware associated with the notorious Golden Chickens operation, has been traced back to its developers. In May 2023, security firm eSentire identified the second developer of the malware as a Romanian individual named Jack, also known by aliases Lucky and badbullzvenom. The Golden Chickens malware has been utilized in cybercrime operations by groups such as the Russian Cobalt Group and FIN6. This malware is designed to exploit and damage computer systems, capable of stealing personal information, disrupting operations, or even holding data hostage for ransom.

The alias badbullzvenom became a subject of interest when another threat actor, "babay," accused him of theft and issued a bounty for information leading to his real identity in July 2022. Further investigation revealed that Jack, aka Lucky, shared the badbullz and badbullzvenom accounts with a Montreal-based cybercriminal known as "Chuck." It was speculated that Jack brokered a deal with Chuck to use these aliases on various underground forums to evade his notoriety as a ripper.

Jack's activities can be traced back to 2015 when he released a tool called MULTIPLIER via the badbullzvenom account. In 2017, under the same alias, he released another tool called VenomKit, which later evolved into the Golden Chickens Malware-as-a-Service (MaaS). Both tools contributed significantly to his credibility in the cybercrime community. Ultimately, eSentire characterized Jack as the true mastermind behind the Golden Chickens operation.
Description last updated: 2024-05-04T17:52:55.870Z
Aliases
We are not currently tracking any aliases
Source Document References
Information about the Badbullzvenom Threat Actor was read from the documents corpus below.
Source | Created | Title
CERT-EU | a year ago | High-severity Chrome vulnerabilities addressed
CERT-EU | a year ago | Golden Chickens malware developer unmasked
CERT-EU | a year ago | Minnesota VA medical center plagued with IT security gaps
CERT-EU | a year ago | Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware
CERT-EU | a year ago | Researchers identify second developer behind Golden Chickens MaaS