Cybersecurity experts noticed a new illicit revenue-generating activity among North Korean hackers: building malware-laced gambling websites and selling them to other cybercriminals.
In other words, the activity could be perceived as a specific branch of malware-as-a-service (MaaS) that grants access to a fully fledged rogue website instead of a singular piece of malware.
The discovery was made by South Korea’s National Intelligence Service (NIS), which pointed out that several South Korean cybercrime groups have already bought malicious websites from the North Korean perpetrators.
Reportedly, the group responsible for building and spreading the malware-ridden gambling websites is “Gyeongheung,” an IT organization affiliated with North Korea’s Labor Party Room 39. The latter is a secretive North Korean party organization that allegedly finances and manages foreign currency slush funds for leaders of the country.
To bypass UN Security Council sanctions that prohibit employing North Korean workers, Gyeongheung members forged Chinese identification cards and stole career credentials from IT industry workers.
Cybercriminals can rent a malicious gambling website for approximately $5,000 per month. If they need tech support from the website’s creators, customers must shell out an additional $3,000. Reportedly, for websites that can gather a large amount of bank account details from Chinese nationals’ Paypal accounts, the digital tenants must pay the owners an additional $2,000 to $5,000 fee.
The NIS believes the perpetrators behind the recent gambling website scam have already amassed millions of dollars in profit.
According to the agency, the rogue websites concealed malicious code in an automated betting feature, which was used to harvest personally identifiable information (PII) from unsuspecting gamblers. Threat actors have already attempted to sell roughly 1,100 bits of PII of South Korean citizens.
Landing on malicious websites could spell disaster for the integrity of your devices, personal data, and digital or physical assets. Specialized software like Bitdefender Ultimate Security can protect your devices, preventing intrusions and deterring viruses, worms, Trojans, zero-day exploits, spyware, ransomware, rootkits, and other digital threats.
Bitdefender Digital Identity Protection can boost your online security by granting you a comprehensive overview of your digital presence, including traces from services you no longer use. It notifies you if your PII has been leaked in a data breach, letting you instantly patch holes and weak points in your digital footprint.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsNovember 14, 2024
September 06, 2024