Gold Blazer

Threat Actor updated 7 months ago (2024-05-05T05:18:06.949Z)

Download STIX

Preview STIX

GOLD BLAZER is a threat actor identified as the operator of the BlackCat/ALPV ransomware. This group, along with others such as GOLD MYSTIC (LockBit) and GOLD TAHOE (Cl0p), continues to dominate the ransomware landscape. While these established groups maintain their stronghold, new threat actors are emerging and gaining notoriety by listing significant victim counts on "name and shame" leak sites. In comparison to other active groups, GOLD BLAZER's BlackCat is the second most prevalent ransomware, trailing behind GOLD MYSTIC's LockBit. Over a 12-month period, LockBit has affected nearly three times as many victims as BlackCat. Despite this, GOLD BLAZER remains a significant player in the cyber threat arena due to its considerable number of victims. While established names like GOLD BLAZER continue to pose serious threats, it is important to note the emergence of new groups in the ransomware landscape. These emerging groups are quickly escalating their activities and adopting the practice of publicizing their victims on leak sites. As such, continuous monitoring of the threat landscape and adapting cybersecurity strategies accordingly is essential.

Description last updated: 2024-05-05T04:34:58.906Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Lockbit Malware is associated with Gold Blazer. LockBit is a malicious software, or malware, known for its damaging and exploitative functions. It infiltrates systems via dubious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or hold data hostage for ransom. The LockBit	Unspecified	2
The Gold Mystic Malware is associated with Gold Blazer. Gold Mystic, also known as LockBit and Water Selkie, is a notable threat group that began ransomware operations in 2019. They adopted the LockBit name for their file-encrypting malware in 2020 and listed their first victims on the leak site in September of the same year. After a six-month period of	Unspecified	2

Source Document References

Information about the Gold Blazer Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	Ransomware Dwell Time Hits Low of 24 Hours \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	a year ago	Ransomware is deployed faster as cybercriminals seek to avoid detection
CERT-EU	a year ago	Cybercriminals can go from click to compromise in less than a day \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
InfoSecurity-magazine	a year ago	Record Numbers of Ransomware Victims Named on Leak Sites
CERT-EU	a year ago	Fast Ransomware: One Day to Infection, New Report Says \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting