Hackers target online gambling companies

The group of hackers, known as APT27, were gaining access to specific servers and demanding US$100m in Bitcoin as ransom

Israeli cybersecurity firms, Profero and Security Joes, are reporting a series of malicious software attacks, known as ransomware, against five unnamed online gambling companies by a group known as Advanced Persistent Threat 27 (APT27). 

APT27 was originally focused on corporate intelligence rather than financial gain but have now shifted to gambling companies. 

The report also identified a Chinese-led hacking group known as Winnti (aka APT41), which has a history of going after online gaming. The APT27 attacks used similar DRBControl malware to gain access to targeted servers. 

Once the hackers gained access to a specific server, they utilised the BitLocker encryption tool built into Windows to deny access to the rightful owners of the servers rather than applying a custom piece of ransomware and then demanded a total of US$100m in Bitcoin from the targeted gambling operators to unlock the servers. 

The gambling companies did not give in to the hackers’ demand as ransoms were not paid and companies were able restore access to their Amit Serper | SiGMA Newsservers by using back up files. 

Amit Serper (pictured left), a cybersecurity researcher, told Haaretz that these designed attacks are very similar to those used by state-sponsored Chinese hackers. Their certain ways of attacking a system are easily noticeable and that is why Serper thinks it was this specific group of hackers. However, since state-sponsored Chinese hackers tend to use the same tactics, there is the possibility that another country could be impersonating these hackers, such as North Korea according to Amit Serper. 

Furthermore, there may also be the possibility that these attacks were a response to China’s fight against ‘cross-border’ gambling. The hackers may have used the ransomware tactic as a way to hinder operators by stopping them from accepting bets from mainland gamblers. This hacking tactic could be a new form of penalising mainland gamblers and help in their fight against cross-border gambling.

Source: Calvinayre

About AIBC:

AIBC Summit is a global expo covering topics relating to the global sectors for blockchain, AI, Big Data, IoT, and Quantum technologies. The event includes conferences hosted by globally renowned speakers, workshops for industry learning and discussion, an exhibition space accommodating more than 400 brands and a number of networking events.

Related Posts