Malware, Threat Intelligence

Southeast Asian gambling industry targeted by Chinese hacking operation

Southeast Asia's gambling industry has been subjected to cyberattacks by Chinese threat actors involving the exploitation of Microsoft Edge, McAfee VirusScan, and Adobe Creative Cloud executables to facilitate malware infections, according to The Record, a news site by cybersecurity firm Recorded Future. Attackers behind the new campaign have leveraged malware and infrastructure associated with the Chinese cyberespionage operation Bronze Starlight, and have also used malware loaders linked to Operation ChattyGoblin, first identified by ESET researchers in March, a Secureworks report showed. Widely used Ivacy VPN products have also been targeted in the attacks, with hackers obtaining code signing keys from the company's Singapore-based vendor PMG PTE. While the intrusions involved the use of the HUI Loader, malware deployed in the campaign was found to be designed to avoid execution on devices located in the U.S., Canada, Germany, Russia, India, France, and the UK. "It is noteworthy that Chinese cyber espionage threat actors are progressively refining their operational tactics in manners that obfuscate clear attribution through publicly available intelligence sources alone," said researchers.
