Enter the ominous realm of cybersecurity, where the enigmatic GambleForce has surfaced, orchestrating a series of startling SQL injection attacks since September 2023. Unveiling their arsenal, a report from Group-IB reveals GambleForce’s adept use of SQL injections and CMS vulnerabilities, targeting industries across the Asia-Pacific region, with six successful breaches.
Distinguished by their reliance on open-source tools like dirsearch and Cobalt Strike, coupled with commands in Chinese, the group’s motives and origins remain shrouded in mystery. Despite the takedown of their command-and-control server by Group-IB, the lingering question persists: How does GambleForce leverage the pilfered information? In the face of this evolving threat, in the article below, the cybersecurity community grapples with the urgent need to prioritize input security and data validation to thwart these sophisticated cyberattacks.