NightClub

Malware updated a month ago (2024-10-09T19:00:55.196Z)
The NightClub is a malware framework used by MoustachedBouncer, named so because it contains a C++ class called 'nightclub.' This malicious software is designed to exploit and damage victims' computer systems or devices without their knowledge. It can infiltrate systems through suspicious downloads, emails, or websites and then steal personal information, disrupt operations, or even hold data hostage for ransom. ESET, a global cybersecurity company, believes that NightClub is primarily used for victims where traffic interception at the Internet Service Provider (ISP) level isn't possible, such as when an end-to-end encrypted Virtual Private Network (VPN) is used to route internet traffic outside of certain regions like Belarus.

In a separate but related incident in 2004, Mirror Group Newspapers (MGN) admitted to unlawfully gathering information on Prince Harry at a London nightclub called Chinawhite. A private investigator was paid around £75 ($95) by an MGN journalist to gather information about Prince Harry's activities during his night out. MGN has since apologized for a February 2004 article in Sunday People that described Prince Harry romancing two models at the nightclub. The publisher conceded one instance of illegal information gathering at the trial in May and acknowledged that the Duke "is entitled to appropriate compensation."

Among other incidents involving nightclubs, a video surfaced showing an individual identified as Wiz dancing at a Miami nightclub earlier this year, holding an illuminated sign with the message, "I win it all." In another case, Bobby Grusinsky, a character in a story, managed a nightclub frequented by gangsters and criminals. His brother Joe and father Burt, both NYPD cops, were trying to dismantle the Russian mafia that frequented the establishment. Meanwhile, Kurt Hansen hosted Night City’s most influential citizens in his exclusive Black Sapphire nightclub.
Description last updated: 2024-10-09T18:15:46.856Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias Description | Votes
Disco is a possible alias for NightClub. DisCo is a malware that emerged as a significant threat in the cybersecurity landscape. It's a harmful program designed to exploit and damage computer systems, often infiltrating them without the user's knowledge through suspicious downloads, emails, or websites. Unlike conventional malicious softwa | 3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Implant
Associated Threat Actors
Alias Description | Association Type | Votes
The MoustachedBouncer Threat Actor is associated with NightClub. MoustachedBouncer, a threat actor first detailed in August 2023, is known for its cyberespionage activities primarily targeting foreign diplomats in Belarus. The group has been linked to at least four attacks on foreign embassies in Belarus since 2014, including two European nations, one from South | Unspecified | 2
Source Document References
Information about the NightClub Malware was read from the documents corpus below.
Source | Created
Krebs on Security | a month ago
CERT-EU | 10 months ago
CERT-EU | a year ago
CERT-EU | 2 years ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | a year ago
CERT-EU | 2 years ago
CERT-EU | a year ago
CERT-EU | 2 years ago
CERT-EU | 2 years ago
CERT-EU | 2 years ago
BankInfoSecurity | a year ago
DARKReading | a year ago
CERT-EU | 2 years ago
CERT-EU | a year ago
CERT-EU | a year ago