Hackers target gambling games primarily due to the lucrative financial opportunities they present. The online gambling industry is a rich territory for threat actors seeking to exploit vulnerabilities for “financial gain” and “data theft.”
Cybersecurity analysts at ASEC recently discovered that the threat actors have been actively distributing notorious WrnRAT by mimicking as gambling games.
ASEC recently uncovered a sophisticated malware operation where threat actors created misleading websites offering popular Korean gambling games like “badugi,” “2-player go-stop,” and “hold’em” to distribute malicious software.
Strategies to Defend Websites & APIs from Malware Attack -> Free Webinar
WrnRAT Delivered As Gambling Games
When users download what appears to be a game launcher, the system initiates a “multi-stage infection process” in which the batch script (containing Korean language comments) is executed first,…