HomeCyber BalkansRansomware gangs hack casinos via 3rd party gaming vendors

Ransomware gangs hack casinos via 3rd party gaming vendors

Published on

spot_img


 

The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network.

In a private industry notification, the agency says that third-party vendors and services are common attack vector. Ransomware gangs continue to rely on third-party gaming vendors to breach casinos.

“New trends included ransomware actors exploiting vulnerabilities in vendor-controlled remote access to casino servers, and companies victimized through legitimate system management tools to elevate network permissions,” the agency explains.

Starting 2022, the FBI noted ransomware attacks that targeted small and tribal casinos to encrypt servers and personally identifiable information of employees and patrons.

The alert also details that the threat actor known as ‘Silent Ransom Group’ (SRG) and ‘Luna Moth’ has been carrying callback-phishing data theft and extortion attacks since June.

The attacker tricked the victim to call a number under the pretense that there were pending charges on their account. If the victim fell for the ruse, SRG would convince them to install a system management tool, which was later used to install other legitimate utilities that can also be used for malicious purposes.

“The [SRG] actors then compromised local files and the network shared drives, exfiltrated victim data, and extorted the companies” – Federal Bureau of Investigation

Previous reports note that among the phishing lures associated with Luna Moth/SRG attacks are fake subscription renewal ruses. This group is focused on data extortion and does not encrupt the files.

Mitigation advice

The FBI recommends organizations to implement several mitigations to limit an adversary’s use of common system and network discovery techniques.

Organizations should keep offline backups that are encrypted and immutable for the entire company’s data infrastructure. Implementing policies for remote access and executing only known and trusted applications is also a step towards an improved security stance.

Strong password policies and multifactor authentication are encouraged, along with auditing and managing administrative privileges.

Network segmentation, adding solutions that monitor for abnormal activity, secure RDP usage and up-to-date software components are common recommendations that many companies still have to meet.

Finally, system admins are recommended to turn off unnecessary ports and protocols, add email banners for messages that originate outside the organization, and restrict command-line and scripting activities.

Reference: https://www.bleepingcomputer.com/news/security/fbi-ransomware-gangs-hack-casinos-via-3rd-party-gaming-vendors/

AH



Source link

Latest articles

Chaya_006 Alert: OT Edge Devices Vulnerable to Threats

The Chaya_006 Edge Campaign: Threats Emerge in Operational Technology Forescout Technologies’ Vedere Labs has recently...

Anthropic’s Fable 5 and Mythos 5 Return with Enhanced Security Guardrails

Anthropic Revives Claude Mythos 5 and Claude Fable 5 with Enhanced Security Measures Anthropic has...

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...

RedLine Infostealer Thread Uncovers Covert Maritime Phishing and BEC Infrastructure

Investigation Reveals Targeted Spear-Phishing and BEC Campaign in Maritime Sector A routine alert from a...

More like this

Chaya_006 Alert: OT Edge Devices Vulnerable to Threats

The Chaya_006 Edge Campaign: Threats Emerge in Operational Technology Forescout Technologies’ Vedere Labs has recently...

Anthropic’s Fable 5 and Mythos 5 Return with Enhanced Security Guardrails

Anthropic Revives Claude Mythos 5 and Claude Fable 5 with Enhanced Security Measures Anthropic has...

Live Webinar: Smarter Cyber Defense for Government and Higher Education

Dr. Tina Carkhuff: A Leader in Data-Driven Public Service Industry Advisor,...