
Casinos in Southeast Asia are Encouraging Cybercrime Boom


Mr. Big has a problem. He wants to move what he calls his “fraud funds” back to China, but restrictions are keeping him from doing so.

Mr. Big, obviously not revealing his real name, took to Telegram, where he posted an ad to his channel. In exchange for a 10% cut, he was looking for a "group of smuggling teams" to "complete the final conversion" of the stolen money by smuggling gold and valuable stones into southern China through Myanmar.

It is still unclear whether Mr. Big succeeded in his plans. His ad has since been deleted, and when the investigative newsroom ProPublica tried to contact him, it was unable to reach him. However, the website where he posted his advertisement reveals a lot about why Americans and individuals all over the world have been the subject of a massive wave of fraud that originated in Southeast Asia and is only now starting to be understood on a much larger scale.

In a recent investigation, Singapore police seized more than $2 billion in a money laundering case executed by a syndicate with alleged ties to organized crime, including "scams and online gambling."

The Telegram channel that contained Mr. Big's request for help was a Chinese-language forum that provided access to "white capital"—cash that has been laundered—and that was "guaranteed" by a casino owner in Myanmar, Fully Light Group. This operator claims to make sure that agreements made on the site are carried out.

Fully Light also has its own Telegram channels, which carry advertisements for similar services. One such channel has around 117,000 participants and features advertisements for cryptocurrency swaps to obtain “pure white” Chinese renminbi or “white capital” Singaporean dollars.

It is quite apparent that casinos aid in such dealings. According to new research conducted by the United Nations Office on Drugs and Crime (UNODC), a vast number of casinos and other gambling operators in Southeast Asia have become a primary component of the underground banking system, aiding organized criminal groups. However, the research has not been officially published.

A UNODC report notes that there are currently more than 340 physical casinos in Southeast Asia, along with several online gambling operators, which have contributed to the growing infiltration of the sector by organized crime.

Dragon Breath's Latest Double-Clean-App Technique Targeting Gambling Industry


The Double-Clean-App Technique Explained

The Dragon Breath APT group is known for its sophisticated cyber-attacks on a wide range of industries, including the gambling industry. Recently, security researchers have uncovered the group's latest technique: the use of the double-clean-app method to evade detection and infiltrate targeted networks. 

The double-clean-app technique involves the use of two different types of malware, both designed to evade detection by traditional antivirus software. The first piece of malware is a "clean" version that appears harmless to security systems. It is often disguised as a legitimate application or file, such as a PDF document or a Microsoft Office file. 

Once the clean malware is downloaded and executed, it then downloads a second, more malicious piece of malware. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," said Sophos researcher Gabor Szappanos. "The latest campaigns add a twist in which a first-stage clean application 'side'-loads a second clean application and auto-executes it. The second clean application side-loads the malicious loader DLL. After that, the malicious loader DLL executes the final payload."
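The chain in the Sophos description (a clean application starts a second clean application, which side-loads an unsigned loader DLL from its own directory) can be hunted in process and image-load telemetry. The following is an added example, not code from the original post or from Sophos; the event field names, paths and the list of user-writable directories are assumptions made for illustration.

```python
import ntpath

# Assumption: directories a standard user can write to (tune per environment).
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")

def user_writable(path):
    return path.lower().startswith(USER_WRITABLE)

def find_sideload_chains(events):
    """Flag signed processes that load an unsigned DLL from their own
    user-writable directory; 'high' if the parent is a staged signed app too."""
    procs = {e["pid"]: e for e in events if e["type"] == "proc"}
    findings = []
    for e in events:
        if e["type"] != "load" or e["signed"]:
            continue  # only unsigned image loads are of interest
        proc = procs.get(e["pid"])
        if proc is None or not proc["signed"]:
            continue  # the hosting process must be a "clean" signed binary
        same_dir = ntpath.dirname(e["dll"]).lower() == ntpath.dirname(proc["image"]).lower()
        if not (same_dir and user_writable(e["dll"])):
            continue
        parent = procs.get(proc["ppid"])
        staged = bool(parent and parent["signed"] and user_writable(parent["image"]))
        findings.append({
            "loader_host": proc["image"],
            "dll": e["dll"],
            "first_stage": parent["image"] if staged else None,
            "severity": "high" if staged else "medium",
        })
    return findings

# Constructed sample telemetry (hypothetical schema, not from a real incident).
SAMPLE_EVENTS = [
    {"type": "proc", "pid": 100, "ppid": 1, "signed": True,
     "image": r"C:\Users\alice\AppData\Roaming\AppA\appa.exe"},
    {"type": "proc", "pid": 200, "ppid": 100, "signed": True,
     "image": r"C:\Users\alice\AppData\Roaming\AppA\data\appb.exe"},
    {"type": "load", "pid": 200, "signed": False,
     "dll": r"C:\Users\alice\AppData\Roaming\AppA\data\helper.dll"},
    # Benign: signed application under Program Files loading its own signed DLL.
    {"type": "proc", "pid": 300, "ppid": 1, "signed": True,
     "image": r"C:\Program Files\Vendor\tool.exe"},
    {"type": "load", "pid": 300, "signed": True,
     "dll": r"C:\Program Files\Vendor\tool.dll"},
]

if __name__ == "__main__":
    print(find_sideload_chains(SAMPLE_EVENTS))
```

A "medium" finding is an ordinary single-stage side-load candidate; "high" marks the two-clean-application chain and records the first-stage binary for triage.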

Dragon Breath APT Group's Attacks on the Gambling Industry

The second piece of malware is designed to infiltrate the targeted network and steal sensitive data, such as usernames, passwords, and financial information. It can also create backdoors for future attacks or cause damage to the network's infrastructure.

QiAnXin reported on Operation Dragon Breath, also known as APT-Q-27 and Golden Eye, in 2020. The report described a watering hole campaign aimed at deceiving users into downloading a Windows installer for Telegram that had been infected with a Trojan.

The Dragon Breath APT group has been using the double-clean-app technique to target the gambling industry. This industry is particularly vulnerable to cyber-attacks due to its reliance on online transactions and the storage of sensitive customer data.

The group's attacks on the gambling industry have been highly sophisticated, involving the use of multiple techniques to evade detection. The group has also used social engineering tactics to trick employees into downloading malware or disclosing sensitive information. 

Strengthening Cybersecurity Measures for the Gambling Industry

In addition to financial losses, a breach can lead to a loss of customer trust and reputational damage. Customers may be hesitant to continue using a platform that has been compromised, and regulatory authorities may impose fines or sanctions. 

To protect against these types of attacks, companies in the gambling industry must implement robust cybersecurity measures. This includes regular training for employees on how to identify and avoid phishing attacks, the use of advanced antivirus software, and the implementation of multi-factor authentication. 

Companies should also regularly conduct penetration testing and vulnerability assessments to identify any weaknesses in their systems. This will allow them to proactively address potential security issues before they are exploited by threat actors.