Golden Chickens Criminal Group
Golden Chickens is the name assigned to a criminal hacker group that has established itself as a prominent provider of malware under a Malware-as-a-Service (MaaS) scheme. Its malicious tools and Command-and-Control (C2, C&C) infrastructure have proven effective enough to attract even Advanced Persistent Threat (APT) groups as clients. Golden Chickens offers its services on underground forums, and its arsenal includes two builder kits named Venom and Taurus as well as a sophisticated backdoor Trojan called more_eggs (Terra Loader, SpicyOmelette).
Golden Chickens' Malicious Products
The first builder kit offered by Golden Chickens is VenomKit. It is a specialized tool that allows threat actors to craft custom malicious Rich Text Format (RTF) documents. These documents can exploit several different vulnerabilities as a breach point into the target's computer system, including CVE-2018-8174, CVE-2017-11882, and CVE-2018-0802. The second-stage payload can then be downloaded from a web resource through batch and scriptlet files.