cybercrime
GOLD OLDFIELD
Objectives
Tools
SUMMARY
GOLD OLDFIELD are the operators of the MegaCortex ransomware, which has been used in post-intrusion attacks. The initial intrusion vector leading to GOLD OLDFIELD attacks is unknown, although it could be through existing commodity infections such as Emotet or Qakbot. Once in the environment, GOLD OLDFIELD is believed to use PowerShell, Meterpreter and Cobalt Strike for lateral movement, with the ransomware ultimately being pushed using PsExec and credentials stolen from domain controllers.