| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Golden Eye Dog targets Chinese-speaking users engaged in online gambling, employing techniques such as SERP poisoning, social engineering, and DDoS attacks. The group utilizes trojanized NSIS installers to deliver RONINGLOADER, which executes complex process-injection workflows and deploys a modified Gh0st RAT for espionage. Their operations have included DLL sideloading and the use of watering hole websites to implant Trojans. The group is noted for its high anti-detection capabilities and has been associated with various malware development languages.
There are currently no families associated with this actor.
| 2023-05-03
⋅
Sophos
⋅
A doubled “Dragon Breath” adds new air to DLL sideloading attacks Ghost RAT DragonBreath |