Kompromitovani kazino serveri (admiralbet.rs)(neprovereno)

Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - Printable Version

+- Bezbedan Balkan (https://bezbedanbalkan.net)
+-- Forum: Bezbednost privatnih resursa (https://bezbedanbalkan.net/forum-12.html)
+--- Forum: Kompromitovani resursi (https://bezbedanbalkan.net/forum-13.html)
+--- Thread: Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) (/thread-1173.html)

Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - VincaSec - 01-20-2024

Neovlašćeni RDP pristup kazino serverima se prodaje na hakerskom forumu, potencijalno kompromitujući osetljive podatke i omogućavajući napadačima da steknu kontrolu nad kazino sistemima.

Kompromitovana kazina su onemogućila svoje zaštitne zidove i rade na Windows Defender-u, što ih čini ranjivijim na sajber napade.

Napadači imaju pristup izveštajima o prihodima, opkladama, pobedama i gubicima u realnom vremenu, pružajući dragocene informacije za prevaru i manipulaciju.

Kompromitovani kazina čuvaju korisničke podatke, uključujući brojeve telefona, e-poštu, imena i rođendane, koji se mogu koristiti za krađu identiteta ili ciljane napade.

Primetio sam da je ovde i uključen Admiralbet

Datum detekcije: 29 Dec 2023 01:00

Filename: admiralbet.png Size: 166.28 KB 01-20-2024, 11:26 AM

Filename: casino.png Size: 47.38 KB 01-20-2024, 11:28 AM

RE: Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - VincaSec - 01-20-2024

Evo još:

Filename: casino2.png Size: 54.59 KB 01-20-2024, 11:32 AM

Quote:Live Casino-Servers
(Windows Server 2016-19)
RDP/Anydesk
Access includes >
Central Servers with 30+ Casinos connected. (WINBET)
Admin credentials - Servers/Database/Mikrotik/Tplink/Synology/Casino Computers;
Direct Access via (RDP/Anydesk/TeamViwer) to a Windows Server.
Administrators/Owner Privilege into every device/application connected to the same network.
System Manuals.
All of the Casinos are >
Operating 24/7 under a Service.
Have their Fire-Wall Disabled.
Run under Windows Defender.
LTD Examples >
Winbet/Inbet/Butami/Regency
Country Examples >
Bulgaria/Georgia/Africa/Serbia/Albania
ZoomInfo on Some LTD's >
https://www.zoominfo.com/c/euro-games-technology-ltd/42143089 / Main Corp (Manufacturer)
https://www.zoominfo.com/c/casino-batumi/564438505 /Casinos In Georgia 5 in total.
https://www.zoominfo.com/c/winbet-affiliates/514223837 /Winbet Casinos 50+ Servers
https://www.zoominfo.com/c/euro-games-technology/464017525 /Main Corp (Manufacturer)
https://www.zoominfo.com/c/monte-casino--gaming-clubs/1311400139 /Casinos 5+ Servers
https://www.zoominfo.com/c/admiralbet/536872587 /Winbet Serbia Casinos 15+
Spoiler: Russian
Sale of Live-Casino servers with RDP/Anydesk administrator access.
In particular, access includes: administrator login to each device and application in the Casino.
Example - Backup Device, Casino Applications, Mikrotik, TPLink, Synology, etc.
https://***
Price Range
(Negotiable) Per X Server/Access-Type/Casino-Size;
Order Example
WinBet Central-Server 30+ Casinos connected >
(including, each server's credentials, back-up device credentials etc.)
/ 63 BTC /
Order Example
Regency-Albania - 3 floors - 500+ Gaming Machines - 1 Server +1 Backup Server >
/ 227 BTC /
Order Example
Anydesk - Owners Access 5x >
Georgia @ InterBET/Gonio
Georgia @ Shans
Georgia @ Crystal BET
Georgia @ City Slot Batumi
Georgia @ Lion
/ 5.09 BTC /

RE: Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - VincaSec - 01-20-2024

Filename: casino3.png Size: 82.5 KB 01-20-2024, 11:40 AM

Filename: casino4.png Size: 80.62 KB 01-20-2024, 11:44 AM

RE: Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - 1van - 01-20-2024

Sa SOCRadar, ali u ovoj verziji ne mogu da vidim detalje. Izgleda da im je preuzeto par webmail naloga.

Filename: AdmiralBet_SOCRadar1.png Size: 183.04 KB 01-20-2024, 12:23 PM

RE: Kompromitovani kazino serveri (admiralbet.rs)(neprovereno) - 1van - 01-20-2024

A 185.29.102.223
MX 185.22.145.38 185.255.9.205