Cybersecurity researchers at Trend Micro have identified a malicious JScript-based framework known as PeckBirdy, which has been used by China-linked APT groups since at least 2023 to target Chinese iGaming websites, as well as government bodies and private organisations across Asia. The findings were reported by Securitylab.

According to Trend Micro, PeckBirdy plays a central role in the SHADOW-VOID-044 campaign, where attackers compromised gambling platforms by injecting malicious scripts directly into websites. These scripts were then used to distribute malware disguised as fake Google Chrome browser updates.

Once installed, the malware deployed backdoors, enabling attackers to gain persistent remote access to victim devices and internal systems.






