Venomkit

Malware updated 6 months ago (2024-05-04T19:05:21.900Z)
VenomKit is a malicious software (malware) that was released by badbullzvenom, also known as LUCKY, in 2017. The tool was developed with the intent to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once inside a system, it could steal personal information, disrupt operations, or hold data hostage for ransom. This malware has since evolved into the Golden Chickens Malware-as-a-Service (MaaS), a more advanced and harmful version of the initial software.

The development and evolution of VenomKit is closely tied to two individuals: Jack and 'Chuck from Montreal'. These two were noted by researchers to have met on the dark web between late 2012 and October 2013. Following these interactions, Jack proceeded to release Multiplier and VenomKit in 2015 and 2017 respectively. These tools were later consolidated into the Golden Chickens MaaS, further enhancing their capabilities and reach.

Security experts have reported multiple instances where VenomKit was used in cyber attacks. Notably, in 2017 and 2018, the Cobalt Group leveraged VenomKit to deploy Cobalt Strike in attacks on banks. In 2019, the malware suite was utilized by FIN6, during which time the suite had incorporated the PureLocker ransomware plugin. This series of events underscores the evolving nature and increasing threat posed by malware like VenomKit.
Description last updated: 2024-03-05T17:34:05.134Z
Aliases

We are not currently tracking any aliases.