Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Vitalik Buterin reserves for Sam Altman's global project

June 28, 2025

FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

June 28, 2025

YouTube mobile video editor is coming to iOS

June 27, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    YouTube mobile video editor is coming to iOS

    June 27, 2025

    Tiktok is testing its own version of Instagram's “broadcast channel”

    June 27, 2025

    Google launches DOPPL. This launches a new app that lets you visualize how your outfit looks to you

    June 26, 2025

    Apple updates rules for the EU App Store by adding more complicated pricing

    June 26, 2025

    Threads allow you to manage hidden words apart from Instagram and set time limits

    June 26, 2025
  • Crypto

    Vitalik Buterin reserves for Sam Altman's global project

    June 28, 2025

    Calci will close a $185 million round as rival Polymeruk reportedly seeks $200 million

    June 25, 2025

    Stablecoin Evangelist: Katie Haun's Battle of Digital Dollars

    June 22, 2025

    Hackers steal and destroy millions of Iran's biggest crypto exchanges

    June 18, 2025

    Unique, a new social media app

    June 17, 2025
  • Security

    FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

    June 28, 2025

    Prolific cybercrime gangs currently targeting the airline and transportation sector

    June 27, 2025

    US and French authorities confirm arrest of a violation form hacker

    June 26, 2025

    Homeland Security warns about Iran-backed cyberattacks targeting US networks

    June 26, 2025

    Ring cameras and doorbells now use AI to provide specific descriptions of motion activities

    June 25, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Jesse Draper's Halogen Ventures closes $30 million Fund III to focus on the “future of a family”

    June 27, 2025

    Only 2 Exhibitor Tables to get grabs at TC at all stages – billed by June 29th

    June 27, 2025

    Founders of 01A share their playbook in 2025

    June 27, 2025

    TC All Stage regains early release prices for limited time

    June 27, 2025

    This AI-powered startup studio is planning to launch 100,000 companies a year – truly

    June 27, 2025
TechBrunchTechBrunch

Researchers link Polyfill supply chain attacks to a vast network of copycat gambling sites

TechBrunchBy TechBrunchOctober 22, 20245 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


One of the biggest digital supply chain attacks this year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to security researchers.

Earlier this year, a company called FUNNULL purchased Polyfill.io. Polyfill.io is a domain that hosts open source JavaScript libraries that allow older browsers to perform functionality found in newer browsers when embedded in a website. As cybersecurity firm Sansec reported in June, once FUNNULL took control of Polyfill.io, it effectively used the domain to carry out supply chain attacks. FUNNULL then hijacked the legitimate service and leveraged its access to potentially millions of websites to push malware. visitor.

During the Polyfill.io takeover, the original Polyfill creator warned that he did not own the Polyfill.io domain and told the website that he would permanently remove the hosted Polyfill code to avoid any risks. proposed. Additionally, content delivery network providers Cloudflare and Fastly have published their own mirrors of Polyfill.io to provide a safe and reliable alternative for websites that wish to continue using the Polyfill library.

The exact purpose of the supply chain attack is unclear, but Sunsec founder Willem de Groot wrote to X at the time that it appeared to be a “laughingly egregious” attempt at monetization.

Now, security researchers at Silent Push say they have mapped out a network of thousands of Chinese gambling sites and linked it to the FUNNULL and Polyfill.io supply chain attacks.

According to a researcher's report previously shared with TechCrunch, FUNNULL uses access to Polyfill.io to inject malware and redirect website visitors to a malicious network of casinos and online gambling sites. It is said that he was

“It seems likely that this 'online gambling network' is a front,” Zach Edwards, a senior threat analyst and one of the researchers behind the Silent Push report, told TechCrunch. Edwards added that FUNNULL “operates what is believed to be one of the largest online gambling rings on the Internet.”

Silent Push researchers said in their report that they were able to identify approximately 40,000 primarily Chinese-language websites hosted by FUNNULL. These websites all have similar domains, consisting of a seemingly random smattering of letters and numbers, likely auto-generated. The sites appeared to impersonate online gambling and casino brands, including Sands, the casino conglomerate that owns the Venetian Macau. Grand Lisboa in Macau. Suncity Group; as well as online gambling portals Bet365 and Bwin.

Screenshot of one of the thousands of spam online gambling websites hosted on FUNNULL's CDN. (Image: TechCrunch)

Chris Alfred, a spokesperson for Entain, Bwin's parent company, told TechCrunch that the company “can confirm that this is not a domain we own, and that the site owner is infringing on our Bwin brand.” “We are determined to take action to resolve the issue.” this. “

Sands, Suncity Group, Macau Grand Lisboa and Bet365 did not respond to multiple requests for comment.

Edwards told TechCrunch that he and his colleagues found a FUNNULL developer's GitHub account where they were discussing “money transfers.” They believe this expression refers to money laundering. The GitHub page also included references to gambling brands spoofed on a network of spam sites, as well as links to Telegram channels with topics about transferring funds.

“And all of those sites are about moving money, that's their primary purpose,” Edwards said.

According to Edwards and his colleagues, this network of suspicious sites is hosted on FUNNULL's Content Delivery Network (CDN), and although the website claims to be “Made in the USA,” it has sites in Canada, Malaysia, the Philippines, The address of several offices in Singapore and Switzerland is said to be listed. And all of the United States looks like a place that doesn't have an address listed in the real world.

In its profile for gambling industry hub HUIDU, FUNNULL claims to have “more than 30 data centers on the continent,” likely referring to mainland China, and that it has “high-security automated server rooms in China.” states.

Despite being ostensibly a technology company, FUNNULL makes it difficult to reach representatives. TechCrunch attempted to contact the company for comment and ask questions about its role in the apparent supply chain attack, but inquiries went unanswered.

FUNNULL's website lists an email address that does not exist. A phone number that the company claims is registered with WhatsApp but could not be reached. The same number on WeChat appears to be owned by a Taiwanese woman who has no connection to FUNNULL. The Skype account did not respond to our request for comment. The other is a Telegram account that identifies herself only as “Sarah” and has the FUNNULL logo as her avatar.

Telegram's “Sarah” stopped responding to TechCrunch's requests for comment on this article in Chinese and English, including a series of questions, saying, “We don't understand what you said.” TechCrunch was also able to identify a series of valid email addresses owned by FUNNULL, none of which responded to requests for comment.

A company called ACB Group claimed to own FUNNULL on an archived version of its official website, but it is now offline. TechCrunch was unable to contact ACB Group.

Since FUNNULL has access to millions of websites, it can launch even more dangerous attacks against spam website visitors, such as installing ransomware, wiper malware, or spyware. The web is now a complex global network of websites, often built with third-party tools and controlled by third parties, and in some cases can prove to be malicious. This type of supply chain attack is becoming more and more likely.

The goal this time was apparently to monetize a network of spam sites. It could be worse next time.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

June 28, 2025

Prolific cybercrime gangs currently targeting the airline and transportation sector

June 27, 2025

US and French authorities confirm arrest of a violation form hacker

June 26, 2025

Homeland Security warns about Iran-backed cyberattacks targeting US networks

June 26, 2025

Ring cameras and doorbells now use AI to provide specific descriptions of motion activities

June 25, 2025

The US bans WhatsApp from House of Leprancatives Staff Devices

June 24, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Vitalik Buterin reserves for Sam Altman's global project

June 28, 2025

FBI, cybersecurity firms say prolific hacking crews are currently targeting airlines and transportation sectors

June 28, 2025

YouTube mobile video editor is coming to iOS

June 27, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.