The Rise of DarkCasino APT Group Exploiting WinRAR 0-Day

Threat Level – Red | Vulnerability Report
Download PDF

DarkCasino, an APT group with economic motivations, was initially identified in 2021. The group introduced DarkMe, a Trojan Horse program based on Visual Basic. Recently, DarkCasino has been linked to the zero-day exploitation of CVE-2023-38831, an arbitrary code execution vulnerability found in WinRAR software. The group leverages this vulnerability in phishing attacks, launching the final malicious payload, DarkMe.

Threat Level – Red | Actor Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox

Cyber Horizons 2025

What Last Year’s Attacks Reveal About Today’s Risks

Watch the Webinar on-demand and get a FREE copy of our Cyber Horizons 2025 report.

Our Speakers
Speaker 1

Prateek Bhajanka Global Field CISO & Former Gartner Analyst Hive Pro Inc.

Speaker 2

Ankit Mani Manager Threat Intel HiveForce Labs

Speaker 3

Sreevani Tonipe Senior Threat Researcher HiveForce Labs