SYMBOLCOMMON_NAMEaka. SYNONYMS

GOLD SYMPHONY  (Back to overview)


GOLD SYMPHONY is a financially motivated cybercrime group, likely based in Russia, that is responsible for the development and sale on underground forums of the Buer Loader malware. First discovered around August 2019, Buer Loader is offered as a malware-as-a-service (MasS) and has been advertised by a threat actor using the handle 'memeos'. Customers include GOLD BLACKBURN, the operators of the TrickBot malware. In addition to TrickBot, Buer Loader has been reported to download Cobalt Strike and other tools for use in post-intrusion ransomware attacks.


Associated Families

There are currently no families associated with this actor.


References
2021SecureworksSecureWorks
@online{secureworks:2021:threat:07bd94a, author = {SecureWorks}, title = {{Threat Profile: GOLD SYMPHONY}}, date = {2021}, organization = {Secureworks}, url = {http://www.secureworks.com/research/threat-profiles/gold-symphony}, language = {English}, urldate = {2021-05-28} } Threat Profile: GOLD SYMPHONY
Buer GOLD SYMPHONY

Credits: MISP Project