Hackers have been targeting online gaming and gambling companies with what appears to be a previously unseen backdoor that researchers have named IceBreaker.
The compromise method relies on tricking customer service agents into opening malicious screenshots the threat actor sends under the guise of a user facing a problem.
Such attacks have been happening since at least September 2022. The group behind them remains unknown, with indistinct clues pointing to their origin.
Researchers at incident response firm Security Joes believe that the IceBreaker backdoor is the work of a new advanced threat actor that uses "a very specific social engineering technique," which could lead to a clearer picture of who they are.
After analyzing the data from an incident in September, Security Joes was able to respond to three other attacks before the hackers could compromise their targets.
The researchers say that the only public evidence of the IceBreaker threat actor they could find was a tweet from MalwareHunterTeam in October.