{"id":303203,"date":"2023-12-14T06:47:47","date_gmt":"2023-12-14T12:47:47","guid":{"rendered":"https:\/\/www.casino.org\/news\/?p=303203"},"modified":"2023-12-17T05:14:28","modified_gmt":"2023-12-17T11:14:28","slug":"emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide","status":"publish","type":"post","link":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/","title":{"rendered":"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide"},"content":{"rendered":"<p>Cybersecurity firm Group-IB has uncovered a previously unknown threat group called GambleForce, which has been targeting websites in various industries across at least eight countries.<\/p>\n<figure id=\"attachment_303202\" aria-describedby=\"caption-attachment-303202\" data-style=\"width: 858px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-post-thumbnail-858xAUTO wp-image-303202\" src=\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard-858x483.webp\" alt=\"A man typing on a laptop keyboard\" width=\"858\" height=\"483\" srcset=\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard-858x483.webp 858w, https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard-430x242.webp 430w, https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp 1266w\" sizes=\"(max-width: 858px) 100vw, 858px\" \/><figcaption  id=\"caption-attachment-303202\"class=\"text-description\">A man typing on a laptop keyboard. A new cybercriminal group has emerged that is targeting online gambling and other sites. (Image: Alamy)<\/figcaption><\/figure>\n<p>Group-IB detailed the operations in a <a href=\"https:\/\/www.group-ib.com\/media-center\/press-releases\/gambleforce-gang\/\" class=\"broken_link\">press release<\/a> issued Thursday. The organization explained that GambleForce employs basic but effective techniques like SQL injections and exploiting vulnerable website content management systems to steal sensitive information like user credentials.<\/p>\n<p>The name GambleForce alludes to the group&#8217;s initial focus on gambling websites. However, the criminal group has reportedly expanded its attacks. Group-IB has hit gambling, government, retail, and travel websites in Australia, China, India, Indonesia, the Philippines, South Korea, Thailand and Brazil.<\/p>\n<p>In September, the cybersecurity firm&#8217;s threat intelligence team first identified GambleForce&#8217;s command and control (CnC) server. The server houses the group&#8217;s hacking tools, including sqlmap, a popular open-source penetration testing tool for identifying and exploiting vulnerable database servers through SQL injections.<\/p>\n<p>Group-IB&#8217;s Computer Emergency Response Team (CERT) successfully took down the CnC server and notified identified GambleForce victims. While it identified the target countries, the company didn&#8217;t name the specific victims of the attacks.<\/p>\n<h2>How GambleForce Operates<\/h2>\n<p>GambleForce relies solely on open-source tools for initial access, reconnaissance, and data exfiltration, along with Cobalt Strike, a penetration testing software commonly used by hackers. The version of Cobalt Strike discovered on GambleForce&#8217;s server utilized <a href=\"https:\/\/www.casino.org\/news\/chinas-ministry-of-state-security-allegedly-hacking-online-gambling-platforms\/\">Chinese language<\/a> commands, but Group-IB&#8217;s researchers caution that this alone is insufficient to determine the group&#8217;s origin.<\/p>\n<p>Between September and December 2023, GambleForce targeted 24 organizations. Among these were travel websites in Australia and Indonesia, a retail website in Indonesia, a government website in the Philippines, and a gambling site in <a href=\"https:\/\/www.casino.org\/news\/south-koreas-casinos-continue-to-rebound-as-travel-restrictions-ease\/\">South Korea<\/a>.<\/p>\n<div class=\"callout\">\n<p>The attack vectors vary, with one instance involving the exploitation of CVE-2023-23752. According to the National Institute of Standards and Technology, this is a known vulnerability in the Joomla CMS (content management system) that allows hackers to bypass security restrictions.<\/p>\n<\/div>\n<p>Data from WebTribunal.net shows that more than 2.5 million websites worldwide use Joomla. Among these are Harvard University, Ikea, the UK&#8217;s National Crime Agency, and the Swiss Federal Audit Office. A search on the CMS used by most major online gaming platforms didn&#8217;t identify one using Joomla.<\/p>\n<p>Another example involved data extraction from website contact form submissions. This showcases GambleForce&#8217;s ability to exploit diverse entry points.<\/p>\n<h2>Questions Unresolved<\/h2>\n<p>Researchers found GambleForce&#8217;s data theft approach alarming, as it didn&#8217;t target specific information. Instead, the group attempted to extract all possible data from compromised databases, including both hashed and <a href=\"https:\/\/www.casino.org\/news\/mexican-online-casino-leaks-user-data-after-making-rookie-error\/\">plain-text<\/a> user credentials.<\/p>\n<p><strong>Group-IB is still investigating how the group utilizes or monetizes the stolen data. In some instances, GambleForce, either by design or flaw, could only connect to the target without gaining entrance.<\/strong><\/p>\n<p>If this is by design, it could mean that the group is compiling a list of potential targets it wants to hit later. If it&#8217;s a flaw in the code, then GambleForce&#8217;s hackers are likely working on a fix and a way to attack without being detected.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity firm Group-IB has uncovered a previously unknown threat group called GambleForce, which has been targeting websites in various industries across at least eight countries. Group-IB detailed the operations in a press release issued Thursday. The organization explained that GambleForce employs basic but effective techniques like SQL injections and exploiting vulnerable website content management systems [&hellip;]<\/p>\n","protected":false},"author":64,"featured_media":303202,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[62,21],"tags":[83996,82205,13720],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org<\/title>\n<meta name=\"description\" content=\"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org\" \/>\n<meta property=\"og:description\" content=\"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/\" \/>\n<meta property=\"og:site_name\" content=\"Casino.org\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Casino.OrgNews\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-14T12:47:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-17T11:14:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1266\" \/>\n\t<meta property=\"og:image:height\" content=\"712\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Erik Gibbs\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Casino_Org\" \/>\n<meta name=\"twitter:site\" content=\"@Casino_Org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Erik Gibbs\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/\",\"url\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/\",\"name\":\"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org\",\"isPartOf\":{\"@id\":\"https:\/\/www.casino.org\/news\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp\",\"datePublished\":\"2023-12-14T12:47:47+00:00\",\"dateModified\":\"2023-12-17T11:14:28+00:00\",\"author\":{\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/21bf33e35290a1da9c572298dac6b7ca\"},\"description\":\"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage\",\"url\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp\",\"contentUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp\",\"width\":1266,\"height\":712,\"caption\":\"A man typing on a laptop keyboard. A new cybercriminal group has emerged that is targeting online gambling and other sites. (Image: Alamy)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"News\",\"item\":\"https:\/\/www.casino.org\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Crime &amp; Scandals\",\"item\":\"https:\/\/www.casino.org\/news\/scandals\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.casino.org\/news\/#website\",\"url\":\"https:\/\/www.casino.org\/news\/\",\"name\":\"Casino.org\",\"description\":\"Latest Casino and Gaming News\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.casino.org\/news\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/21bf33e35290a1da9c572298dac6b7ca\",\"name\":\"Erik Gibbs\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.casino.org\/news\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-13-96x96.png\",\"contentUrl\":\"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-13-96x96.png\",\"caption\":\"Erik Gibbs\"},\"description\":\"Erik Gibbs covers global gaming news for Casino.org. His scope includes Europe, Latin America, the Caribbean and Asia. Erik has covered gaming markets in Europe and Asia for the past six years. Erik joined Casino.org in November 2021. Erik has written for numerous gambling- and a handful of industry publications has quoted casino-related media outlets over the years and. He is always excited to bring a new perspective on what's happening in the gaming space. Erik enjoys following the global gaming industry, paying particular attention to innovation and regulation. Originally from the US, Erik has spent extensive time living in various countries across the globe. He enjoys anything that has to do with the outdoors and exploration, although he readily admits that he would have no trouble spending all day fishing on a boat. He currently resides in Spain. Contact Erik at erik.gibbs@casino.org.\",\"url\":\"https:\/\/www.casino.org\/news\/author\/erik-gibbs\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org","description":"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/","og_locale":"en_US","og_type":"article","og_title":"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org","og_description":"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.","og_url":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/","og_site_name":"Casino.org","article_publisher":"https:\/\/www.facebook.com\/Casino.OrgNews","article_published_time":"2023-12-14T12:47:47+00:00","article_modified_time":"2023-12-17T11:14:28+00:00","og_image":[{"width":1266,"height":712,"url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp","type":"image\/webp"}],"author":"Erik Gibbs","twitter_card":"summary_large_image","twitter_creator":"@Casino_Org","twitter_site":"@Casino_Org","twitter_misc":{"Written by":"Erik Gibbs","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/","url":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/","name":"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide - Casino.org","isPartOf":{"@id":"https:\/\/www.casino.org\/news\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage"},"image":{"@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage"},"thumbnailUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp","datePublished":"2023-12-14T12:47:47+00:00","dateModified":"2023-12-17T11:14:28+00:00","author":{"@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/21bf33e35290a1da9c572298dac6b7ca"},"description":"Cybersecurity experts have identified a new hacker group, GambleForce, that is attacking online gambling sites and others.","breadcrumb":{"@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#primaryimage","url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp","contentUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/12\/A-man-typing-on-a-laptop-keyboard.webp","width":1266,"height":712,"caption":"A man typing on a laptop keyboard. A new cybercriminal group has emerged that is targeting online gambling and other sites. (Image: Alamy)"},{"@type":"BreadcrumbList","@id":"https:\/\/www.casino.org\/news\/emerging-hacker-group-gambleforce-hitting-gambling-and-other-sites-worldwide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"News","item":"https:\/\/www.casino.org\/news\/"},{"@type":"ListItem","position":2,"name":"Crime &amp; Scandals","item":"https:\/\/www.casino.org\/news\/scandals\/"},{"@type":"ListItem","position":3,"name":"GambleForce Hacker Group Hitting Gambling and Other Sites Worldwide"}]},{"@type":"WebSite","@id":"https:\/\/www.casino.org\/news\/#website","url":"https:\/\/www.casino.org\/news\/","name":"Casino.org","description":"Latest Casino and Gaming News","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.casino.org\/news\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/21bf33e35290a1da9c572298dac6b7ca","name":"Erik Gibbs","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.casino.org\/news\/#\/schema\/person\/image\/","url":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-13-96x96.png","contentUrl":"https:\/\/www.casino.org\/news\/wp-content\/uploads\/2023\/03\/cropped-13-96x96.png","caption":"Erik Gibbs"},"description":"Erik Gibbs covers global gaming news for Casino.org. His scope includes Europe, Latin America, the Caribbean and Asia. Erik has covered gaming markets in Europe and Asia for the past six years. Erik joined Casino.org in November 2021. Erik has written for numerous gambling- and a handful of industry publications has quoted casino-related media outlets over the years and. He is always excited to bring a new perspective on what's happening in the gaming space. Erik enjoys following the global gaming industry, paying particular attention to innovation and regulation. Originally from the US, Erik has spent extensive time living in various countries across the globe. He enjoys anything that has to do with the outdoors and exploration, although he readily admits that he would have no trouble spending all day fishing on a boat. He currently resides in Spain. Contact Erik at erik.gibbs@casino.org.","url":"https:\/\/www.casino.org\/news\/author\/erik-gibbs\/"}]}},"_links":{"self":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/303203"}],"collection":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/users\/64"}],"replies":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/comments?post=303203"}],"version-history":[{"count":6,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/303203\/revisions"}],"predecessor-version":[{"id":303630,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/posts\/303203\/revisions\/303630"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/media\/303202"}],"wp:attachment":[{"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/media?parent=303203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/categories?post=303203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.casino.org\/news\/wp-json\/wp\/v2\/tags?post=303203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}