Webinar | Exploring Golden Chicken Ransomware Group with Maltego and ShadowDragon

Golden Chickens is the “cyber weapon of choice” for three of the top money making, longest-running Internet crime groups which are estimated to have collectively caused financial losses over USD $1.5 billion. eSentire’s Threat Response Unit has been monitoring the internet activities of the threat actor behind Golden Chicken – “VenomSpider” as named by Crowdstrike – for many years.

In this webinar, ShadowDragon and Maltego experts will utilize the seed data provided in eSentire’s investigations and demonstrate how to verify connections between VenomSpider’s username in a Russian-language hacker forum and a natural personal identity. The investigation demonstrates how to effectively delve into relevant social media profiles, location of residence, background, and additional personal networks using Maltego and ShadowDragon.

In this webinar, you’ll learn:

• 04:57 eSentire’s Report on Golden Chickens
• 06:42 Quick Overview of the Investigative Workflow
• 10:40 Looking at eSentire’s Report with a Maltego Graph
• 12:42 Starting with an Alias Entity
• 16:52 Gathering Data with an Email Address
• 27:45 Retrieving Password from Breach Entities
• 32:11 Using another Alias Entity to Iterate Other Email Providers
• 36:49 Bulk Search on an Alias Entity for Social Handles
• 43:30 Digging More into the Email Address Entity
• 48:57 Looking into the Target’s Facebook Profile
• 54:12 Summary of the Demo and Hints for Further Investigation