A nation-state actor that has links with Chinese hackers is exploiting two new backdoors to run a cyber-espionage campaign against gambling entities in Southeast Asia, according to Trend Micro research. The new activity, which is also reportedly occurring in Europe and the Middle East, was first unearthed last year when cybersecurity consultancy Talent-Jump Technologies found a Microsoft Windows backdoor and contacted Trend Micro while conducting incident response for a company based in the Philippines. Upon further investigation, it wasn’t immediately clear if the group itself, which Trend Micro has dubbed “DRBControl,” is a newcomer, according to Trend Micro researchers Daniel Lunghi, Cedric Pernet, Kenney Lu, and Jamz Yaneza. Based on DRBControl’s techniques and malware, there are some connections with Chinese-linked APT 27. That threat group is known for its targeting in the aerospace, government, defense, technology, and energy industries. DRBControl may also be tied to Winnti group, according to Trend Micro’s […]
The post Chinese-linked hacking group using Windows backdoors to go after gambling industry targets appeared first on CyberScoop.
Continue reading Chinese-linked hacking group using Windows backdoors to go after gambling industry targets→