The Rise of DarkCasino APT Group Exploiting WinRAR 0-Day

Threat Level – Red | Vulnerability Report
Download PDF

DarkCasino, an APT group with economic motivations, was initially identified in 2021. The group introduced DarkMe, a Trojan Horse program based on Visual Basic. Recently, DarkCasino has been linked to the zero-day exploitation of CVE-2023-38831, an arbitrary code execution vulnerability found in WinRAR software. The group leverages this vulnerability in phishing attacks, launching the final malicious payload, DarkMe.

Threat Level – Red | Actor Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox