NightClub

Malware updated 4 months ago (2024-05-04T18:04:58.182Z)

Download STIX

Preview STIX

The malware named "NightClub" is a malicious software framework primarily used by an entity known as MoustachedBouncer, according to cybersecurity firm ESET. This framework was so named due to the presence of a C++ class called 'nightclub' within its code. ESET has identified that NightClub is typically deployed in cases where traffic interception at the Internet Service Provider (ISP) level is not possible, such as when victims use end-to-end encrypted Virtual Private Networks (VPNs) that route internet traffic outside of Belarus. In these instances, the Disco malware is used in conjunction with Attacks-in-the-Middle (AiTM). In 2004, Mirror Group Newspapers (MGN) admitted to unlawfully gathering information on Prince Harry at a London nightclub, Chinawhite. A private investigator was paid approximately $95 to monitor and report on Prince Harry's activities during his visit to the club. The incident was later reported in a February 2004 article in Sunday People, which detailed Prince Harry's interactions with two models during his night out. MGN has since apologized for this intrusion of privacy and acknowledged that the Duke is entitled to appropriate compensation. In unrelated events, various characters are depicted as being associated with nightclubs in different contexts. Bobby Grusinsky, portrayed by Joaquin Phoenix, manages a nightclub frequented by gangsters, while his brother Joe and father Burt, both NYPD cops played by Mark Wahlberg and Robert Duvall respectively, aim to dismantle the Russian mafia visiting the club. Meanwhile, Kurt Hansen hosts influential citizens in his exclusive Black Sapphire nightclub located in Night City. These narratives demonstrate the diverse roles nightclubs play in cultural and entertainment narratives.

Description last updated: 2024-05-04T16:24:53.505Z

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.

ID	Votes	Profile Description
Disco	3	DisCo is a malware that emerged as a significant threat in the cybersecurity landscape. It's a harmful program designed to exploit and damage computer systems, often infiltrating them without the user's knowledge through suspicious downloads, emails, or websites. Unlike conventional malicious softwa

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Malware

Implant

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
MoustachedBouncer	Unspecified	2	MoustachedBouncer, a threat actor group based in Belarus, has been identified as a significant cybersecurity concern. As per the reports published by ESET in August 2023, this group is known for its sophisticated cyberespionage activities, primarily targeting foreign diplomats within Belarus. The gr

Source Document References

Information about the NightClub Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	8 months ago	3 great action movies on Tubi you need to watch in January \| Digital Trends
CERT-EU	a year ago	Hands-on review: Cyberpunk 2077 2.0 and the Phantom Liberty DLC expansion (PC)
CERT-EU	a year ago	Piers Morgan Says He Was Unaware of Harry’s Alleged Phone Hacking \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker – National Cyber Security Consulting
CERT-EU	a year ago	Harry and others face wait for ruling on Mirror Group hacking claims \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	10 months ago	Santos pleads not guilty to new fraud charges
CERT-EU	a year ago	Why Is Prince Harry in Court? Phone-Hacking Case, Explained. \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	a year ago	Prince Harry ‘should get just £500’ over phone hacking claims \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	a year ago	Prince Harry should only get £500 in compensation for phone hacking claims, High Court told \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting
CERT-EU	a year ago	TikTok ban 'wields a sledgehammer' to First Amendment rights, creators say
CERT-EU	a year ago	New Cyber Threat 'MoustachedBouncer' Targets Embassies in Belarus
CERT-EU	a year ago	Prince Harry's lawyer says British tabloid spied on 'industrial scale'
CERT-EU	2 years ago	Finland’s Most-Wanted Hacker Arrested in France
CERT-EU	a year ago	Prince Harry Receives Apology From Tabloid Publisher Amid Hacking Trial \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker – National Cyber Security Consulting
BankInfoSecurity	a year ago	Breach Roundup: Raccoon Stealer Makes a Comeback
DARKReading	a year ago	'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs
CERT-EU	a year ago	Tabloid apologises to Harry at start of phone-hacking trial – Newspaper \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker – National Cyber Security Consulting
CERT-EU	a year ago	Hackers with links to Pro-Russian groups compromised foreign embassies in Belarus, researchers say
CERT-EU	9 months ago	Ex-U.K. officials say Murdoch tabloids hacked them to aid corporate agenda : NPR \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #hacker \| National Cyber Security Consulting