FUNNULL essentially used the Polyfill.io domain to carry out a supply chain attack.
Researchers at Silent Push say they mapped out a network of thousands of Chinese gambling sites and linked it to FUNNULL.
FUNNULL was using its access to Polyfill.io to inject malware and redirect website visitors to that malicious network of casino and online gambling sites.
Around 40,000 mostly Chinese-language websites hosted by FUNNULL were identified that appeared to impersonate online gambling and casino brands, including Sands, the Grand Lisboa in Macau, and the online gambling portals Bet365 and Bwin.
FUNNULL is operating what appears to be one of the largest online gambling rings on the internet.
FUNNULL claims to have “more than 30 data centers on the continent”, likely referring to mainland China.
The suspicious network of sites is hosted on FUNNULL’s content delivery network with office addresses in Canada, Malaysia, the Philippines, Singapore, Switzerland and the United States.
FUNNULL could have launched much more dangerous attacks, but it was apparently trying to monetize a network of spammy sites.
These kinds of supply chain attacks are increasingly possible because the web is now a complex global network of websites that are often built with third-party tools.
ACB Group claimed to own FUNNULL on an archived version of its official website, which is now offline.