Exposing Earth Berberoka
Targets
Our research suggests that Earth Berberoka has focused primarily on Chinese gambling sites. We also have evidence to suggest that the group targeted websites unrelated to gambling, including one government institute, two information technology services businesses and an electronics manufacturing company.
From December 12, 2020 to April 29, 2022, 15 fake Adobe Flash Player installers were downloaded in China. We also recorded eight redirects to the fraudulent Adobe Flash Player website from websites (five from US news sites and three from unknown websites, two from Hong Kong, and one from Malaysia), and a PlugX DLL-related detection in Taiwan.
Logs generated by Earth Berberoka's keyloggers indicated that a Malaysian hosting company was compromised. A log file found on the internet also contained an IP address belonging to a Chinese gambling site. Another log file contained the URL of a login page for another Chinese gambling site. These log files have strengthened our conviction that the gambling sector was indeed a key target of Earth Berberoka.
One of the backdoored apps used by Earth Berberoka provides clues as to the group's target countries. Registration in the app is restricted to the US, Canada and countries located in Asia, including China, Hong Kong, Macao and Taiwan. The encrypted configuration files of samples belonging to the Xnote or HelloBot malware families, which the group used to attack Linux users, are another hint. Our research has shown that certain words in the configuration files of these samples could be linked to gambling businesses.
Infection vectors
Earth Berberoka used different methods to infect its victims with the malware families at its disposal. These include a fake cryptocurrency exchange app called MiMi and a website offering a malware-infected Adobe Flash Player for download.