Contact

Mind the (air) gap: GoldenJackal gooses government guardrails

NetmanageIT OpenCTI - opencti.netmanageit.com

Mind the (air) gap: GoldenJackal gooses government guardrails



SUMMARY :

ESET researchers uncovered two distinct toolsets used by the GoldenJackal APT group to breach air-gapped systems in government organizations. The first toolset, observed in 2019, included GoldenDealer for delivering executables via USB drives, GoldenHowl as a modular backdoor, and GoldenRobo for file collection and exfiltration. The second toolset, deployed from 2022 to 2024, featured a highly modular approach with components for file collection, distribution, and exfiltration. GoldenJackal primarily targeted government and diplomatic entities in Europe, the Middle East, and South Asia, demonstrating sophisticated capabilities to compromise isolated networks. The group's evolution in developing two separate air-gap breaching toolsets within five years highlights their advanced threat level and awareness of network segmentation practices employed by their targets.

OPENCTI LABELS :

apt,cyberespionage,goldenusbgo,goldenblacklist,goldenrobo,modular malware,goldendealer,goldendrive,goldenmailer,goldenace,goldenhowl,usb propagation,jackalworm,goldenpyblacklist,goldenusbcopy,air-gapped systems


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Mind the (air) gap: GoldenJackal gooses government guardrails