The Ice Breaker: The New Threat Knocking on the Door of Gaming and Gambling Industry!
The gaming and gambling sectors are under attack and the clock is ticking down to the start of the ICE London 2023 gaming industry trade fair next week. This new attack campaign is unlike anything the industry has ever seen before, employing clever social engineering tactics to deploy a dangerous JavaScript backdoor.
The Israeli cybersecurity company, Security Joes, is on the case, tracking the activity cluster known as the Ice Breaker. The attackers pose as customers with account registration issues and initiate a conversation with support agents under the guise of needing assistance. But their real intentions become clear when they urge the agent to open a screenshot image hosted on Dropbox.
Clicking the image leads to a payload that retrieves either an LNK or a VBScript file. The former is configured to download and run an MSI package that contains a Node.js implant. This implant is loaded with features that enable the attacker to steal passwords and cookies, take screenshots, run VBScript from a remote server, and even open a reverse proxy on the compromised host.
If the victim executes the VBS downloader, the infection culminates in the deployment of the Houdini remote access trojan. The origins of the threat actors are unknown, but they have been observed using broken English in their conversations with customer service agents.
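A defender-side sketch of the two delivery paths described above, added here as an example and not taken from the Security Joes report or the original post: a triage pass over process-creation events. The event fields, file paths, URL, and the three heuristics are assumptions constructed for illustration; the article itself gives no indicators.

```python
import ntpath
import re

# Assumed heuristics: locations a support agent's account can write to, and
# an installer source given as a URL instead of a local file.
USER_WRITABLE = re.compile(r"\\users\\[^\\]+\\(downloads|desktop|appdata)\\", re.I)
REMOTE_URL = re.compile(r"https?://", re.I)
VBS_ARG = re.compile(r"\.vbs\b", re.I)

# Constructed sample events (not real telemetry): two benign, three suspicious.
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r"msiexec.exe /i C:\Users\agent\Downloads\printer-driver.msi"},
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmdline": r"msiexec.exe /i https://files.example.invalid/setup.msi /quiet"},
    {"image": r"C:\Windows\System32\wscript.exe",
     "cmdline": r'wscript.exe "C:\Users\agent\Downloads\screenshot.vbs"'},
    {"image": r"C:\Users\agent\AppData\Local\Temp\app\node.exe",
     "cmdline": r"node.exe index.js"},
    {"image": r"C:\Program Files\nodejs\node.exe",
     "cmdline": r"node.exe build.js"},
]

def classify(event):
    """Return the names of the heuristics a single event trips."""
    image = ntpath.basename(event["image"]).lower()
    cmd = event["cmdline"]
    hits = []
    # LNK path: an MSI package fetched and run straight from a remote URL.
    if image == "msiexec.exe" and REMOTE_URL.search(cmd):
        hits.append("msi_remote_install")
    # VBS path: Windows Script Host running a script from a user folder.
    if (image in ("wscript.exe", "cscript.exe")
            and VBS_ARG.search(cmd) and USER_WRITABLE.search(cmd)):
        hits.append("vbs_from_user_dir")
    # Implant stage: a Node.js runtime unpacked outside its install directory.
    if image == "node.exe" and USER_WRITABLE.search(event["image"]):
        hits.append("node_from_user_dir")
    return hits

def triage(events):
    """Return (index, hits) for every event that trips at least one heuristic."""
    return [(i, hits) for i, e in enumerate(events) if (hits := classify(e))]

if __name__ == "__main__":
    for index, hits in triage(SAMPLE_EVENTS):
        print(index, hits, SAMPLE_EVENTS[index]["cmdline"])
```

On support-desk workstations, where installers and scripting hosts are rarely needed, any of these hits is worth correlating with a recently opened Dropbox link.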
"We are dealing with a highly skilled threat actor who shows the potential of being sponsored by an interest owner," warns Felipe Duarte, a senior threat researcher at Security Joes. "This new attack vector is highly effective and must not be taken lightly by the gaming and gambling industry."
Don't let the Ice Breaker catch you off guard. Stay ahead of the game and protect your business from this dangerous threat.