Trend Micro researchers recently discovered a new advanced persistent threat (APT) group that they have dubbed Earth Berberoka (aka GamblingPuppet). Based on their analysis, this group targets gambling websites. Trend Micro’s investigation has also uncovered that Earth Berberoka targets the Windows, Linux, and macOS platforms, and uses malware families that have been historically attributed to Chinese-speaking individuals.
In this blog entry, Trend Micro researchers provide an overview of the Windows malware families used by Earth Berberoka in its campaign. This malware lineup includes tried-and-tested malware families that have been upgraded, such as PlugX and Gh0st RAT, and a brand-new multistage malware family that we have dubbed PuppetLoader.
Source: Trend Micro