Member-only story
Cyberattack Against DraftKings, the Delivery of Qbot & a Google Chrome Zero-Day
Dark Roast Intelligence | November 28, 2022
Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find overviews of a recent cyberattack on a sports betting organization, how threat actors are using a Windows zero-day vulnerability to deliver Qbot malware, and the latest vulnerability in Google Chrome.
DraftKings Falls Victim to Credential Stuffing Attack
On November 19th, many DraftKings customers began receiving odd emails that raised some red flags. It turns out they weren’t wrong to be concerned, as many accounts were hacked due to credential stuffing. Credential stuffing is a technique threat actors leverage to inject stolen credentials into login forms of other websites.
In this case, DraftKings customers who were impacted were those whose username and password combination had been leaked elsewhere and was unfortunately the same username and password used for their DraftKings account. To lock the users out, the attackers reset the account passwords or configured multifactor authentication (MFA) and then proceeded to steal any available funds. As of November 22nd, this attack had resulted in the theft of upwards of $300,000, all of which…