GoldenJackalGoldenJackal

Also known as: GoldenJackal

Known aliases
1

Profile

GoldenJackal activity is characterized by the use of compromised WordPress websites as a method to host C2-related logic. Kaspersky believes the attackers upload a malicious PHP file that is used as a relay to forward web requests to another backbone C2 server. They developed a collection of .NET malware tools known as Jackal.

Aliases· 1

GoldenJackal

Known victims· 1

  • Germany

References

  1. https://securelist.com/it-threat-evolution-q2-2023/110355/
  2. https://securelist.com/goldenjackal-apt-group/109677/
  3. https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-Prognosen/Threat-Intelligence/Aktive_APT-Gruppen/aktive-apt-gruppen_node.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
GOLD CABIN
Actor
Rebel Jackal
Actor
GC02
Actor
WildPressure
Actor
Viking Jackal
Software
GREENCAT
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.