A recent report showed that hackers illegally acquired source code and databases from companies managing online betting and gambling websites from July to September 2019.
Cybersecurity firms Trend Micro and Talent-Jump announced Tuesday that a group of professional Chinese hackers called DRBControl successfully hacked into gambling companies based in Southeast Asia.
Instead of stealing money, however, the attacks appear to have targeted company databases and source code, suggesting that certain Southeast Asian gambling sites might have fallen victim to espionage tactics.
Trend Micro was quoted as stating that the attacks utilized the PlugX and HyperBro backdoors, with one appearing to have used the file hosting and sharing service Dropbox.
DRBControl, which stands for DropBox Control, utilized that service to carry out the attacks, infecting as many computers as it could.
DRBControl reportedly downloaded several tools to aid its campaign, including tools to scan for NetBIOS servers, carry out brute-force attacks, dump passwords from infected hosts, retrieve a workstation’s public IP address, create network traffic tunnels to outside networks, and more.
Reports indicated that an estimated 200 computers were infected through a single Dropbox account, while a second account managed to infect 80 more computers.
Trend Micro said further investigations revealed that the strategy and malware used by DRBControl resemble those of Winnti and Emissary Panda. These two hacking groups are known for conducting attacks for the Chinese government, as reported by ZDNet.
The relation of DRBControl to Beijing remains unclear, though. However, cybersecurity firm FireEye reported in August 2019 that certain hacking groups carry out cyberattacks that are no longer sponsored by the Chinese state.
Meanwhile, as the iGaming sector continues to expand, especially with the influx of crypto-friendly casinos, regulators and operators are encouraged to take all the necessary steps to protect their own and their players’ data and funds from potential hacking attacks.
Online casino operators should ensure that players’ credit card details, bank account details, and private information are properly safeguarded. This also highlights the benefits provided by crypto and blockchain casinos, which can ensure player anonymity. The players’ use of cryptocurrencies as a payment method also serves as a barrier against the possibility of hackers stealing funds and financial details.