Slovak Cybersecurity Company ESET Reports Series of Cyberattacks in Southeast Asia
ESET, a Slovak company specializing in cybersecurity, has reported a series of cyberattacks against gambling companies in Southeast Asia. The attacks started in October 2021 and continue to this day. The organizer of the attacks is an unnamed hacker group associated with China.
The harmful operation, called “chattygoblin,” uses very specific tactics. Hackers hack popular chat applications used by employees of the support service, such as Comm100 LiveHelp. The hacking is meant for the introduction of the malicious dropper, which is written in C# and leads to downloading and activating the outcome load of the second stage.
As a result of these attacks, cybercriminals gain access to employees’ workstations and install Cobalt Strike on them – a tool for remote control of infected systems. These attacks use weak spots in companies’ security and social engineering to penetrate the network of their victims.
To avoid similar harmful operations, it is recommended to promptly update any software used in the work, as well as to train personnel with the basics of cybersecurity and to use reliable antiviral or EDR solutions.