Don't Play Poker on an Infected Table
0
The scammy Euro VIP Casino is making another round this afternoon and trying to entice the spammed European users into downloading its software by promising $400 as a welcome bonus. Needless to say you ought to ignore it. Here's a full list of the typosquatted domains serving the scams.Detection rate : Result: 11/32 (34.38%)
File size: 461341 bytes
MD5: e68763c16f31de340681b2c7c7eb6b0e
SHA1: 6174960cf5a6c503b97c9160f5e6a5babfef96e9
Online gambling is a buzz Internet activity allowing malicious parties to enjoy the "pull effect" by end users who themselves look for and download such applications. In this spamming campaign, however, we have a combination of a "push" approach, segmentation targeting European users, social engineering in the form of a promotion, and typosquatting. The first campaign (SetupCasino.exe) is currently hosted in China (116.199.136.29) on a host managing a second online gambling scam campaign impersonating Golden Gate Casino (SmartDownload.exe) under the following domains topgamecasino.net; superroyalcasino.com; nlymycasino.cn; lookforcasino.cn
About Dancho Danchev
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
0 Comments: