Member-only story

Cyberattack Against DraftKings, the Delivery of Qbot & a Google Chrome Zero-Day

Dark Roast Intelligence | November 28, 2022

Katlyn Gallo
Dark Roast Security
6 min readNov 28, 2022

--

image by author

Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find overviews of a recent cyberattack on a sports betting organization, how threat actors are using a Windows zero-day vulnerability to deliver Qbot malware, and the latest vulnerability in Google Chrome.

DraftKings Falls Victim to Credential Stuffing Attack

On November 19th, many DraftKings customers began receiving odd emails that raised some red flags. It turns out they weren’t wrong to be concerned, as many accounts were hacked due to credential stuffing. Credential stuffing is a technique threat actors leverage to inject stolen credentials into login forms of other websites.

In this case, DraftKings customers who were impacted were those whose username and password combination had been leaked elsewhere and was unfortunately the same username and password used for their DraftKings account. To lock the users out, the attackers reset the account passwords or configured multifactor authentication (MFA) and then proceeded to steal any available funds. As of November 22nd, this attack had resulted in the theft of upwards of $300,000, all of which…

--

--

Dark Roast Security
Dark Roast Security

Published in Dark Roast Security

Dark Roast Security’s mission is to inspire, educate, and share ideas about InfoSec. Follow to join our community!

Katlyn Gallo
Katlyn Gallo

Written by Katlyn Gallo

Coffee lover, bookworm, and InfoSec enthusiast | Find me on Twitter & Instagram: @ktgblogstech

No responses yet