Unmasking Venom Spider: The Hunt for the Golden Chickens

Keegan Keplinger | Ryan Westman

For the past 16 months, eSentire’s security research team, the Threat Response Unit (TRU), has been tracking one of the most capable and stealthy malware suites: Golden Chickens. This malware is the “cyber weapon of choice” for two of Russia’s top cybercrime groups, FIN6 and Cobalt Group. TRU has not only detected a new Golden Chickens threat campaign targeting e-commerce organizations but has also discovered the identity of the threat actors behind it. With this intelligence, we deciphered the threat actor’s Tactics, Techniques, and Procedures (TTPs), as well as the origins of the Golden Chickens Malware-as-a-Service (MaaS) and its ongoing operations.