Gold Dupont

Threat Actor

A financially motivated cybercriminal group active since 2018. Their main arsenal includes RansomEXX or Defray777, Cobalt Strike, Metasploit, and Vatet Loader.

GOLD DUPONT establishes initial access into victim networks using stolen credentials to remote access services like virtual desktop infrastructure (VDI) or virtual private networks (VPN).

Incidents Associated with this Threat

Malware Used by this Threat Actor

No malware identified for this threat actor.