Operation DRBControl
0 incidentes
0 paises
0 sectores
apt CN Ultimo: -
Operation DRBControl is a cyberespionage campaign attributed to Chinese threat actors that emerged as early as July 2017, although its spear-phishing activities became notable in May 2019. The group's primary motivation is information theft, specifically targeting databases and source codes from entities in Southeast Asia to gain competitive intelligence. A distinguishing characteristic of Operation DRBControl is its consistent focus on gambling and betting operations within the region, coupled with its use of the legitimate cloud service Dropbox for command and control and data exfiltration. The operation is characterized by its deployment of custom backdoors and its sophisticated approach to evading detection, employing techniques like DLL side-loading. While some reports link its tactics and tools to other Chinese groups such as Winnti and Emissary Panda (APT27), Operation DRBControl itself is not widely recognized under alternative aliases.
Sectores objetivo (SOCRadar)
Betting