Cybersecurity firm eSentire has revealed the identity of the second developer behind the Golden Chickens malware suite, which has been employed by financially motivated cybercrime groups Cobalt Group and FIN6 since 2018. Golden Chickens primarily targets organizations in various industries and has caused over $1.4 billion in financial losses by stealing banking information and credit card data from online payment systems.
The true mastermind behind Golden Chickens, known as ‘Jack’, is a Romanian based in Bucharest and has been active in the cybercrime community since 2008.
Jack, who built a reputation as a ripper and scammer, started his career with password stealers and crypters before launching Golden Chickens in 2017. He has released various malware tools over the years, including password stealers, keystroke loggers, and crypters.
In 2019, FIN6 began utilizing Golden Chickens, and the suite evolved to include the PureLocker ransomware plugin.
eSentire’s extensive analysis of underground forums and 15 years of activity has allowed the firm to uncover Jack’s true identity, as well as the identities of his family members. The firm has also discovered Jack’s social media accounts, which showcase his luxury travels and fashionable lifestyle.
Despite his involvement in cybercrime, Jack is listed as the owner of a legitimate fruit and vegetable import/export business.
This revelation highlights the sophisticated nature of malware-as-a-service models and the continuous threat posed by financially motivated cybercrime groups.
It emphasizes the importance of robust cybersecurity measures for organizations to protect themselves from significant financial losses and data breaches.