A financially motivated cybercriminal group active since 2018. Their main arsenal includes RansomEXX or Defray777, Cobalt Strike, Metasploit, and Vatet Loader.

GOLD DUPONT establishes initial access into victim networks using stolen credentials to remote access services like virtual desktop infrastructure (VDI) or virtual private networks (VPN).


Incidents Associated with this Threat

  • December 9, 2021: Ransomware Attack at German Supply Chain & Logistics Giant

Malware Used by this Threat Actor

No malware identified for this threat actor.

Pin It on Pinterest

Scroll to Top