GOLDBACKDOOR

Description

(Stairwell) Stairwell assesses with medium-high confidence that GOLDBACKDOOR is the successor of, or used in parallel with, the malware BLUELIGHT, attributed to APT37 / Ricochet Chollima. This assessment is based on technical overlaps between the two malware families and the impersonation of NK News, a South Korean news site focused on the DPRK.

Names

Name
GOLDBACKDOOR

Type

Backdoor

Information

https://stairwell.com/news/threat-research-the-ink-stained-trail-of-goldbackdoor/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.goldbackdoor

Other Information

Uuid

4dc06fbc-f957-49fd-8ab3-6af2b7fb307d

Last Card Change

2023-06-22

Threat Intelligence Garden

Explorer

GOLDBACKDOOR

GOLDBACKDOOR

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks