Blue Mockingbird
Blue Mockingbird is a cluster of observed activity involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems. The earliest observed Blue Mockingbird tools were created in December 2019.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low0.0
None signal strength
Mentions0
Sources0
High conf.0
First observed
2020-05-26
Last active
—
Origin
Unknown — financially motivated cybercriminal group, no state attribution
Aliases
1
Techniques
22
Campaigns
0
Attribution signals
No attribution signals extracted yet — signals populate automatically as articles are processed.