Thursday, January 21, 19:51

Chinese hackers attack gambling sites

The security companies Talent-Jump and Trend Micro have revealed in their reports that for about 6 months (from summer 2019), a team of Chinese hackers has been attacking the companies behind gambling and betting sites.

According to the companies, there are confirmed hacks of gaming companies located in Southeast Asia. There are also rumors about attacks on companies in Europe and the Middle East, but these are not confirmed.

Evidence so far shows that the Chinese hackers have stolen the companies' databases and source code, not money. This means that there is no financial incentive. Evidently, the aim of the attacks is espionage.

The attacks were carried out by a group that the researchers called DRBControl.

Trend Micro reported that the malware and tactics used by the hacking team are similar to the tools and tactics of Winnti and Emissary Panda. These are two hacking teams that have carried out numerous attacks on behalf of the Chinese government over the past decade.

We don't know yet if DRBControl is working for Beijing. Probably not. In August 2019, FireEye revealed that some Chinese state groups were also carrying out attacks in their own interest.

DRBCONTROL attacks

DRBControl's recent attacks are neither complex nor unique in the tactics the hackers use.

The attacks start with a spear-phishing email sent to the victims. The emails include a link. If the victims open the link, they are infected with backdoor trojans.

These backdoor trojans differ somewhat from other backdoors because they rely heavily on the Dropbox file hosting and sharing service, which is used as a command-and-control (C&C) service and as a storage medium for secondary payloads and stolen data.

Usually, the Chinese hackers use the backdoors to download other hacking tools and malware, which they then use to find the databases and source code of gambling sites.
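A defensive sketch of how Dropbox-based C&C of this kind can surface in endpoint network logs, added here as an example and not taken from the Talent-Jump or Trend Micro reports: it flags any process other than the official Dropbox client that connects to Dropbox API hosts. The log format, host names, file paths and allowlist are constructed assumptions.

```python
# Added example: find processes that talk to Dropbox API hosts but are not
# the approved Dropbox client. All log lines below are constructed.
import csv
import io
from collections import defaultdict

# Public Dropbox API hostnames; extend for your environment.
DROPBOX_API_HOSTS = {"api.dropboxapi.com", "content.dropboxapi.com",
                     "notify.dropboxapi.com"}
# Assumption: the only image allowed to use the Dropbox API on this estate.
# Matching on the full path also catches a "Dropbox.exe" run from elsewhere.
ALLOWED_IMAGES = {r"c:\program files (x86)\dropbox\client\dropbox.exe"}

# Constructed process-level network log (CSV with a header row).
SAMPLE_LOG = r"""timestamp,host,image,dest_host,dest_port
2019-07-15T09:01:12Z,WS-014,C:\Program Files (x86)\Dropbox\Client\Dropbox.exe,api.dropboxapi.com,443
2019-07-15T09:03:40Z,WS-014,C:\ProgramData\example\svc_update.exe,api.dropboxapi.com,443
2019-07-15T09:08:41Z,WS-014,C:\ProgramData\example\svc_update.exe,content.dropboxapi.com,443
2019-07-15T09:10:02Z,WS-022,C:\Users\alice\AppData\Roaming\Dropbox.exe,content.dropboxapi.com,443
2019-07-15T09:11:30Z,WS-022,C:\Program Files\Mozilla Firefox\firefox.exe,www.example.com,443
"""


def find_unexpected_dropbox_clients(log_text):
    """Return sorted (host, image, count, first_seen, last_seen) tuples."""
    seen = defaultdict(list)
    for row in csv.DictReader(io.StringIO(log_text)):
        # Ignore traffic that does not go to a Dropbox API host.
        if row["dest_host"].lower().rstrip(".") not in DROPBOX_API_HOSTS:
            continue
        image = row["image"].lower()  # Windows paths are case-insensitive
        if image in ALLOWED_IMAGES:
            continue
        seen[(row["host"], image)].append(row["timestamp"])
    # ISO 8601 UTC timestamps sort correctly as plain strings.
    return sorted((host, image, len(ts), min(ts), max(ts))
                  for (host, image), ts in seen.items())


if __name__ == "__main__":
    for finding in find_unexpected_dropbox_clients(SAMPLE_LOG):
        print(finding)
```

A hit is a lead for triage rather than proof of compromise, since backup agents and sync tools also use the Dropbox API legitimately.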

Tools used by DRBControl:

  • Tools for scanning NETBIOS servers
  • Tools for brute-force attacks
  • Windows UAC Bypass Tools
  • Tools to gain more privileges in the infected system
  • Tools for acquiring passwords
  • Tools for stealing clipboard data
  • Tools for loading and executing malicious code
  • Tools to retrieve the public IP address of a workstation
  • Tools for network communication with external networks

DRBCONTROL has infected many companies dealing with gaming sites

Talent-Jump was able to closely monitor the activities of the Chinese hackers from July to September 2019.

During this time, the hackers managed to infect some 200 computers at gaming companies through one Dropbox account and another 80 through a second account.

The team's attacks continue. Both companies have published some tips that can help organizations detect suspicious activity or DRBControl malware.

These are not the first attacks on gambling sites. In 2018, the cybersecurity company ESET reported that North Korean government hacking teams attacked an online casino in Central America in order to steal money.

Absent Mia