BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Information security specialists revealed the identity of the Golden Chickens malware operator

    eSentire has revealed the identity of the second attacker behind the Golden Chickens malware with a fatal privacy bug.

    The mentioned person, who lives in Bucharest (Romania), received the code name Jack. Jack, along with his accomplice, use accounts on the Exploit.in forum with the nicknames "badbullzvenom" and "Chuck from Montreal", respectively.

    eSentire described Jack as the true inspiration behind Golden Chickens. The experts also proved that Jack is the owner of a fruit and vegetable import and export business.

    Jack's online activity begins in 2008, when he was only 15 years old. Then he registered on various hacker forums. The teenager was interested in creating malware, infostealers and keyloggers, and grew up to be a hacker developing password thieves, ransomware and More_eggs.

    In 2012, Jack gained a reputation as a scammer in the cybercriminal community due to his failure to provide adequate support to clients buying his software. After numerous allegations, Jack decided to move to Pakistan to work for the government as a security specialist.

    It's not immediately clear if Jack went to Pakistan, but eSentire found tactical overlaps between the 2019 campaign of the Pakistani SideCopy attacker, and Jack's VenomLNK malware, which serves as the initial access vector for the More_eggs backdoor.

    It is suspected that Jack's paths crossed with "Chuck from Montreal" in 2013, when Chuck on one of the forums shared contacts for communication in the Jabber messenger. The messenger account was linked to LUCKY, Jack's first nickname on hacker forums.

    Researchers speculate that Jack made a deal with Chuck to post his messages on the forums under Chuck's nicknames "badbullz" and "badbullzvenom" to get around his notoriety as a scammer and "start over with a clean slate". Subsequently, in 2017, badbullzvenom (also known as LUCKY) released a separate tool called VenomKit, which has since evolved into Golden Chickens.

    The experts concluded that it was the Jabber account and the sharing of nicknames with Chuck that became a fatal mistake for Jack, which led to his deanonymization. eSentire also uncovered the identities of Jack's wife, mother, and two sisters.

    Author DeepWeb
    AceCryptor: a powerful weapon for cybercriminals to bypass detection and reverse engineering
    EU calls for ban on end-to-end encryption of citizen communications

    Comments 0

    Add comment