Operation GamblingPuppet: Analysis of a multivector and multiplatform campaign targeting online gambling customers
2023-04-23 | 15:00 – 15:30
Despite being illegal in some countries, global online gambling industry growths steadily year after year, flourishing in current environment dominated by the global pandemic. This trend was not surprisingly noticed by advanced threat actors as we observed and analyzed campaigns targeting online gambling platforms.
In this research, we will focus on a multiplatform (Windows and Linux) campaign involving known espionage tools as well as new malware families. Operated by individuals with knowledge of Chinese language, the victims of this campaign are mostly online gambling customers in South East Asia.
We noticed some interesting infection vectors, such as backdoored or fake installers for popular applications, or even for a custom chat application, suggesting a very targeted campaign.