FBI warns of unusual attacks on gambling establishments

Customers and casino employees should not call unfamiliar numbers to "secure" their systems.

The FBI warns of a growing number of cyber attacks on gambling businesses. Especially vulnerable are small establishments and, oddly enough, casinos owned by Native Americans. Criminals use remote access programs from third-party vendors.

The focus of law enforcement was the Silent Ransom Group (SRG), also known as Luna Moth. Attackers use an interesting technique called "reverse phishing".

The victim receives a fake notification that suspicious activity has been detected in their system, along with a link with further instructions, and is invited to call the number given in the message themselves. The operator, who poses as a support employee, asks the user to install a remote access program, ostensibly to resolve the problem as quickly as possible. Such tools may be completely legal, but attackers are adept at exploiting them for their own purposes.

Roger Grimes, a cybersecurity expert at KnowBe4, describes reverse phishing as "an advanced form of phishing." Interestingly, phone numbers are used instead of traditional web links. Messages containing these numbers arrive as non-clickable images, which allows scammers to "trick" text filters.

As a result, victims end up talking either to intermediaries in foreign call centers or directly to the group carrying out the attack.

"The ultimate goal of reverse phishing, whether done by ransomware groups or common scammers, is to convince the victim to install malware on their device," Grimes said.

Reverse phishing methods no longer require the use of specialized Trojans or backdoors. Instead, attackers use legitimate or semi-legitimate services. Once these services are compromised, hackers can install additional malware, scripts, and screen monitoring programs.

The FBI strongly recommends that users and organizations regularly back up their data and store it in encrypted form. It is also important to periodically check the security level of external vendors and external software/hardware.
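The point about numbers delivered as non-clickable images can be turned into a mail-triage check. The sketch below is an added example, not part of the original post: it reports what a text-only filter can actually see in a message and flags mail that carries an image but no readable number, link or meaningful text, so the image can be routed to OCR or manual review. The function names, the 25-word cut-off and the sample messages are assumptions constructed for illustration.

```python
import re
from email.message import EmailMessage

PHONE_RE = re.compile(r"(?:\+?\d[\s().-]?){10,15}")  # loose phone-number shape
URL_RE = re.compile(r"https?://\S+", re.I)
MAX_WORDS = 25  # assumed cut-off for "almost no readable text"

def triage(msg):
    """Report what a text-only filter sees and whether the images need review."""
    texts, images = [], 0
    for part in msg.walk():
        if part.get_content_maintype() == "image":
            images += 1
        elif part.get_content_type() in ("text/plain", "text/html"):
            texts.append(part.get_content())
    raw = " ".join(texts)
    visible = re.sub(r"<[^>]+>", " ", raw)  # drop HTML tags, keep the words
    has_phone = bool(PHONE_RE.search(visible))
    has_url = bool(URL_RE.search(raw))
    short = len(visible.split()) < MAX_WORDS
    return {
        "images": images,
        "has_phone": has_phone,
        "has_url": has_url,
        # Image present, but nothing in the text for a number or link rule to match.
        "needs_image_review": images > 0 and short and not has_phone and not has_url,
    }

def build(html, image=None):
    """Build a constructed sample message (not real mail)."""
    msg = EmailMessage()
    msg["Subject"] = "Security notice"
    msg.set_content(html, subtype="html")
    if image is not None:
        msg.add_related(image, maintype="image", subtype="png", cid="<notice>")
    return msg

FAKE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # placeholder bytes, not a real image

# Constructed samples: image-only notice, number in plain text, ordinary newsletter.
IMAGE_LURE = build('<p>Suspicious activity was detected.</p><img src="cid:notice">', FAKE_PNG)
TEXT_NUMBER = build("<p>Suspicious activity detected. Call 1-800-555-0100.</p>")
NEWSLETTER = build('<p>Read the issue at https://news.example/issue</p><img src="cid:notice">', FAKE_PNG)

if __name__ == "__main__":
    for name, m in (("image lure", IMAGE_LURE), ("text number", TEXT_NUMBER), ("newsletter", NEWSLETTER)):
        print(name, triage(m))
```

A flagged message is only a candidate for image inspection; the check deliberately does not decide on its own that the mail is malicious.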