FlagThis

CyberSecurity updates
Updated: 2024-11-21 14:33:25 Pacfic
MalBot @ Malware Analysis, News and Indicators
APT41 Targets the Gambling Industry with Custom Tools - 29d
Read more: malware.news

APT41, a sophisticated threat actor, has been observed maintaining a persistent presence on gambling company networks for nine months. This group utilizes custom tools and techniques, including phantom DLL hijacking and WMIC JavaScript loading, to achieve their objectives. These tactics have been particularly effective in evading detection and establishing long-term access. The group’s continued focus on the gambling industry underscores the sector’s vulnerability to advanced cyber threats, demanding enhanced security measures and vigilance to counter these sophisticated attacks.

References:
  • Malware Analysis, News and Indicators - Spear-phishing emails may have been leveraged by APT41 to infiltrate targeted network infrastructure, which would then be deployed with a DCSync attack that enables password hash exfiltration. - 29d
  • SCM feed for Threat Management - Spear-phishing emails may have been leveraged by APT41 to infiltrate targeted network infrastructure, which would then be deployed with a DCSync attack that enables password hash exfiltration. - 29d
  • sra.io - APT41 targets gambling industry with new custom tools and nine-month persistence. Uses phantom DLL hijacking and WMIC JavaScript loading. - 29d

Classification:

This site is an experimental news aggregator using feeds I personally follow. You can reach me at Bluesky if you have feedback or comments.