BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
BTC $63479.2080
ETH $3102.3210
BNB $553.9303
SOL $138.6944
stETH $3095.0573
XRP $0.4977
DOGE $0.1616
TON $6.5573
ADA $0.4609
AVAX $35.1800
wstETH $3604.0886
WBTC $63444.7835
TRX $0.1115
WETH $3097.1785
BCH $508.1534
DOT $6.7139
LINK $13.5848
MATIC $0.7078
UNI $7.2517
LTC $78.0969
ICP $12.3388
DAI $0.9999
CAKE $2.7613
RNDR $8.2936
FDUSD $0.9976
IMX $1.9531
ETC $26.4901
STX $2.5389
MNT $1.1217
TAO $525.3353
OKB $57.6303
FIL $6.0159
NEAR $5.2270
VET $0.0414
MKR $3079.1039
HBAR $0.0795
KAS $0.1206
WIF $2.7619
ATOM $8.1379
GRT $0.2535
CORE $2.6998
USDE $0.9998
XMR $123.1697
FET $2.0557
INJ $24.4523
XLM $0.1076
PEPE $0.0000
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Information security specialists revealed the identity of the Golden Chickens malware operator

    eSentire has revealed the identity of the second attacker behind the Golden Chickens malware with a fatal privacy bug.

    The mentioned person, who lives in Bucharest (Romania), received the code name Jack. Jack, along with his accomplice, use accounts on the Exploit.in forum with the nicknames "badbullzvenom" and "Chuck from Montreal", respectively.

    eSentire described Jack as the true inspiration behind Golden Chickens. The experts also proved that Jack is the owner of a fruit and vegetable import and export business.

    Jack's online activity begins in 2008, when he was only 15 years old. Then he registered on various hacker forums. The teenager was interested in creating malware, infostealers and keyloggers, and grew up to be a hacker developing password thieves, ransomware and More_eggs.

    In 2012, Jack gained a reputation as a scammer in the cybercriminal community due to his failure to provide adequate support to clients buying his software. After numerous allegations, Jack decided to move to Pakistan to work for the government as a security specialist.

    It's not immediately clear if Jack went to Pakistan, but eSentire found tactical overlaps between the 2019 campaign of the Pakistani SideCopy attacker, and Jack's VenomLNK malware, which serves as the initial access vector for the More_eggs backdoor.

    It is suspected that Jack's paths crossed with "Chuck from Montreal" in 2013, when Chuck on one of the forums shared contacts for communication in the Jabber messenger. The messenger account was linked to LUCKY, Jack's first nickname on hacker forums.

    Researchers speculate that Jack made a deal with Chuck to post his messages on the forums under Chuck's nicknames "badbullz" and "badbullzvenom" to get around his notoriety as a scammer and "start over with a clean slate". Subsequently, in 2017, badbullzvenom (also known as LUCKY) released a separate tool called VenomKit, which has since evolved into Golden Chickens.

    The experts concluded that it was the Jabber account and the sharing of nicknames with Chuck that became a fatal mistake for Jack, which led to his deanonymization. eSentire also uncovered the identities of Jack's wife, mother, and two sisters.

    Author DeepWeb
    AceCryptor: a powerful weapon for cybercriminals to bypass detection and reverse engineering
    EU calls for ban on end-to-end encryption of citizen communications

    Comments 0

    Add comment