Golden Chickens

Malware Profile Updated a month ago
Golden Chickens, also known as More_eggs, is a sophisticated malware suite that was initially discovered in 2018. It is used by financially motivated cybercrime actors like the Cobalt Group and FIN6 to steal sensitive information such as intellectual property and geopolitical intelligence from compromised systems. The malware primarily targets organizations in Southeast Asia and has been identified as a "cyber weapon of choice" by the Russia-based cyber gangs. It is offered as malware-as-a-service (MaaS), providing its users with a stealthy and capable tool for their illicit activities.
The identity of the threat actors behind Golden Chickens was unveiled by Elite Threat Hunters from cybersecurity firm eSentire. VENOM SPIDER, a Romanian man known as Jack or badbullzvenom, was identified as one of the two criminals operating an account on the Russian-language Exploit.in forum. He was characterized as the true mastermind behind Golden Chickens. Jack reportedly met with co-developer 'Chuck from Montreal' on the dark web from late 2012 to October 2013, before releasing Multiplier and VenomKit in 2015 and 2017, respectively, which were later consolidated into Golden Chickens.
In May 2023, the second developer of the Golden Chickens malware was unmasked due to a fatal operational security blunder. The second developer was also identified as Jack, who is also known as Lucky and badbullzvenom. This revelation has shed more light on the operations and development of the Golden Chickens malware, enhancing the understanding of this persistent cyber threat and potentially aiding in its mitigation.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Golden Chickens Malware was read from the documents corpus below. This display is limited to 20 results.
| Source | Created At | Title |
| --- | --- | --- |
| CERT-EU | 9 months ago | Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer |
| CERT-EU | a year ago | Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware |
| CERT-EU | a year ago | High-severity Chrome vulnerabilities addressed |
| CERT-EU | a year ago | Security Operations Center (SOC) \| Security Operations Centers |
| CERT-EU | a year ago | Researchers identify second developer behind Golden Chickens MaaS |
| CERT-EU | a year ago | Golden Chickens malware developer unmasked |
| CERT-EU | a year ago | Minnesota VA medical center plagued with IT security gaps |
| CERT-EU | a year ago | Researchers Identify Second Developer of ‘Golden Chickens’ Malware |
| CERT-EU | 6 months ago | Hiring? New scam campaign means ‘resume’ downloads may contain malware |