DarkCasino  (Back to overview)

DarkCasino is an economically motivated APT group that targets online trading platforms, including cryptocurrencies, online casinos, network banks, and online credit platforms. They are skilled at stealing passwords to access victims' online accounts and have been active for over a year. DarkCasino exploits vulnerabilities, such as the WinRAR vulnerability CVE-2023-38831, to launch phishing attacks and steal online property.

Associated Families

There are currently no families associated with this actor.

The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits
Cobalt Strike Konni DarkCasino Opal Sleet

Credits: MISP Project