🏴‍☠️Hackers targeted iGaming payment gateways through counterfeit data libraries

🏴‍☠️Hackers targeted iGaming payment gateways through counterfeit data libraries

Malicious software, disguised as widely used data-processing components, enabled attackers to covertly alter user balances, round outcomes, and transaction histories. The modifications were implemented in a way that appeared legitimate and passed internal verification checks.

🔣 The incident was classified as a supply chain attack (supply chain attack). The code updated instructions from a command-and-control server every 30 seconds, complicating detection through standard security tools.

🔣 The malware was identified within a software module directory. In addition to financial manipulation, the perpetrators conducted confidential data exfiltration through a dedicated channel created for remote server control.

🔣 Following the discovery of the threat, the compromised packages were removed from the NPM repository. Developers were advised to conduct an urgent audit of dependencies.

🔣 Possible origin❓— it is not ruled out that the attackers were linked to Chinese actors, as since 2023 the deployment of the PeckBirdy framework has been observed on gambling websites. Experts associate PeckBirdy with the groups TheWizards, UNC3569, and Earth Lusca (Aquatic Panda).

#news #gambling #fraud #China

🏦 Payouter.com — reliable payment partner in the CIS and 🇮🇳India: Intent, UPI P2C conversion 54% on FTD