GOLD BLACKBURN

Threat Actor Profile Updated 24 days ago
Download STIX
Preview STIX
GOLD BLACKBURN is a threat actor known for its malicious cyber activities, including the operation of the TrickBot malware. This group has been observed in numerous ransomware incidents, highlighting their significant and ongoing threat to cybersecurity. The methods they employ are sophisticated and persistent, such as establishing persistence through scheduled tasks, which enables them to maintain a presence within compromised systems over an extended period. In a specific instance, GOLD BLACKBURN was linked to seven Russians who were jointly sanctioned by the U.S. and U.K. These individuals were accused of aiding or participating in multiple ransomware and cybercrime enterprises. Their activities spanned across a variety of brand names and code names, such as Conti, GOLD BLACKBURN, TrickBot, Trickman, UNC1878, and Wizard Spider, further underscoring the breadth and diversity of their operations. Given these actions, GOLD BLACKBURN represents a substantial and multi-faceted cybersecurity threat. Their use of various tools and techniques, coupled with their association with other known cybercriminals, signals a high level of coordination and capability. As such, it's crucial for organizations to remain vigilant and proactive in their cybersecurity measures to protect against this and similar threat actors.
What's your take? (Question 1 of 1)
eb208373-469a-492a-a1d1-5257013e1e79 Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
TrickBot
2
TrickBot is a notorious malware that has gained prominence due to its destructive capabilities. This malicious software, designed to exploit and damage computer systems, infiltrates devices through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, TrickBot c
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Ransomware
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the GOLD BLACKBURN Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
No Ransomware Please, We're British | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security
Secureworks
a year ago
Phases of a Post-Intrusion Ransomware Attack