Gaming, gambling sectors impacted by Ice Breaker attack campaign

Organizations in the gaming and gambling industries have been subjected to new Ice Breaker attacks leveraging social engineering for JavaScript backdoor deployment since September, according to The Hacker News. Attackers part of the Ice Breaker campaign commence compromise by impersonating customers with account registration issues in conversations with gaming firms' support agents in an effort to lure targets into opening a Dropbox-hosted screenshot, a report from Security Joes showed. Opening the screenshot would either prompt retrieval of an LNK payload facilitating the download and execution of a JavaScript file with several backdoor features or a VBS downloader that ends with the execution of the Houdini remote access trojan. "This is a highly effective attack vector for the gaming and gambling industry. The never-seen-before compiled JavaScript second-stage malware is highly complex to dissect, showing that we are dealing with a skilled threat actor with the potential of being sponsored by an interest owner," said Security Joes Senior Threat Researcher Felipe Duarte.