{"id":683,"date":"2023-02-06T16:38:02","date_gmt":"2023-02-06T16:38:02","guid":{"rendered":"https:\/\/news4hacker.com\/?p=683"},"modified":"2023-05-18T20:10:43","modified_gmt":"2023-05-18T20:10:43","slug":"ice-breaker-cyberattacks-threatening-the-gaming-gambling-industry","status":"publish","type":"post","link":"https:\/\/reconcybersecurity.com\/blogs\/ice-breaker-cyberattacks-threatening-the-gaming-gambling-industry\/","title":{"rendered":"Ice Breaker Cyberattacks Threatening the Gaming &#038; Gambling Industry"},"content":{"rendered":"\n<p>The gaming and gambling industries are under attack from a new campaign known as &#8220;Ice Breaker&#8221;. This cyberattack campaign has been targeting these industries since September 2022, just ahead of the upcoming <a href=\"https:\/\/www.icelondon.uk.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">2023 ICE London<\/a> gaming industry trade fair event.<\/p>\n\n\n\n<p>An Israeli cybersecurity firm, <strong>Security Joes<\/strong>, is closely monitoring the &#8220;<strong>Ice Breaker<\/strong>&#8221; activity. According to their findings, the intrusions use social engineering tactics to deploy a JavaScript backdoor. The attackers pretend to be a customer and start a conversation with a support agent of a gaming website. They then ask the support agent to open a screenshot image hosted on <strong>Dropbox<\/strong>, which, if clicked, leads to the retrieval of a harmful LNK payload.<\/p>\n\n\n\n<p>The JavaScript file contains the typical features of a backdoor, such as the ability to steal passwords and cookies, exfiltrate files, take screenshots, and even open a reverse proxy on the infected host.<\/p>\n\n\n\n<p>The origins of the attackers are still unknown, but they have been seen using broken English during their conversations with customer service agents. MalwareHunterTeam shared some indicators of compromise (<strong>IoCs<\/strong>) associated with this campaign back in October 2022.<\/p>\n\n\n\n<p>According to <strong>Felipe Duarte<\/strong>, a senior threat researcher at <a href=\"https:\/\/www.securityjoes.com\/post\/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering\" target=\"_blank\" rel=\"noreferrer noopener\">Security Joes<\/a>, the gaming and gambling industry is vulnerable to a highly effective type of attack. The malware used in this particular attack is extremely complicated, suggesting that the attackers behind it have a great deal of expertise and may be backed by someone with a vested interest.<\/p>\n\n\n\n<p><strong>Found this article interesting?<\/strong>\u00a0You can follow us on\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.instagram.com\/news_4hacker\/\" target=\"_blank\">Instagram<\/a>\u00a0or\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.linkedin.com\/in\/news-4hacker-0a7516225\/\" target=\"_blank\">LinkedIn<\/a>\u00a0to stay up-to-date with the exclusive content we post.<\/p>\n","protected":false},"excerpt":{"rendered":"The gaming and gambling industries are under attack from a new campaign known as &#8220;Ice Breaker&#8221;. This cyberattack&hellip;\n","protected":false},"author":1,"featured_media":685,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[241],"tags":[420,240,1058,619,1091,1061,1092,1093,1060,1094,1095],"class_list":{"0":"post-683","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-it-knowledge","8":"tag-cyber-attacks","9":"tag-cyber-security","10":"tag-cyber-security-news","11":"tag-gambling-industry","12":"tag-gaming-industry","13":"tag-hacking-news","14":"tag-ice-breaker","15":"tag-javascript-backdoor","16":"tag-latest-hacking-news","17":"tag-lnk-payload","18":"tag-security-joes"},"_links":{"self":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts\/683","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/comments?post=683"}],"version-history":[{"count":1,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts\/683\/revisions"}],"predecessor-version":[{"id":11202,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/posts\/683\/revisions\/11202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/media?parent=683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/categories?post=683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/reconcybersecurity.com\/blogs\/wp-json\/wp\/v2\/tags?post=683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}