GOLD GALLEON
Objectives
Tools
SUMMARY
GOLD GALLEON was a financially motivated cybercriminal threat group comprised of at least 20 criminal associates that collectively carry out business email compromise (BEC) and spoofing (BES) campaigns. The group specifically targeted maritime organizations and their customers. CTU researchers have observed GOLD GALLEON targeting firms in South Korea, Japan, Singapore, Philippines, Norway, U.S., Egypt, Saudi Arabia, and Colombia. The threat actors leverage tools, tactics, and procedures that are similar to those used by other BEC/BES groups CTU researchers have previously investigated, such as GOLD SKYLINE. The group used the same caliber of publicly available malware (inexpensive and commodity remote access trojans), crypters, and email lures.
GOLD GALLEON was active from at least 2017 through 2018 but CTU researchers are unable to assess if the group or its components remain active.
Analyse des menaces
GOLD GALLEON: How a Nigerian Cyber Crew Plunders the Shipping IndustryContactez-nous
Que votre organisation ait besoin d’une assistance immédiate ou que vous souhaitiez discuter de vos besoins en matière de préparation aux incidents, de réponse et de test, contactez-nous directement ci-dessous.