Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

TC Session: AI Trivi Account Down – Next Shot in Big

May 31, 2025

Google quietly released an app that allows you to download and run AI models locally

May 31, 2025

The counted conversation begins in 5 days in a TC session: ai

May 31, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Google quietly released an app that allows you to download and run AI models locally

    May 31, 2025

    A guide to using editing, Meta's new Capcut Rival for Short-Form video editing

    May 31, 2025

    Automattic says it will start contributing to WordPress again after pause

    May 30, 2025

    The last day to vote to destroy the 2025 agenda lineup

    May 30, 2025

    6 days left: Ready for the truth about unfiltered AI in TC sessions: AI?

    May 30, 2025
  • Crypto

    GameStop bought $500 million in Bitcoin

    May 28, 2025

    Vote for the session you want to watch in 2025

    May 26, 2025

    Save $900 + 90% from 2 tickets to destroy 2025 in the last 24 hours

    May 25, 2025

    Only 3 days left to save up to $900 to destroy the 2025 pass

    May 23, 2025

    Starting from up to $900 from Ticep, 90% off +1 in 2025

    May 22, 2025
  • Security

    8 things we learned from WhatsApp vs. NSO Group Spyware Litigation

    May 30, 2025

    White House investigates how Trump's chief staff's phone was hacked

    May 30, 2025

    US government sanctions technology company involved in cyber fraud

    May 29, 2025

    Ten years later, the bootstrap Thinkst Canary will reach $20 million ARR without VC funding

    May 29, 2025

    Security Startup Horizon3.AI raises $100 million in new rounds

    May 28, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    TC Session: AI Trivi Account Down – Next Shot in Big

    May 31, 2025

    The counted conversation begins in 5 days in a TC session: ai

    May 31, 2025

    TC Session: AI Trivi Account Down – Test your AI Knowledge

    May 30, 2025

    Most of the exhibit tables left to make a claim at TC at every stage | TechCrunch

    May 30, 2025

    7 days until doors open during session: ai

    May 29, 2025
TechBrunchTechBrunch

Researchers link Polyfill supply chain attacks to a vast network of copycat gambling sites

TechBrunchBy TechBrunchOctober 22, 20245 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


One of the biggest digital supply chain attacks this year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to security researchers.

Earlier this year, a company called FUNNULL purchased Polyfill.io. Polyfill.io is a domain that hosts open source JavaScript libraries that allow older browsers to perform functionality found in newer browsers when embedded in a website. As cybersecurity firm Sansec reported in June, once FUNNULL took control of Polyfill.io, it effectively used the domain to carry out supply chain attacks. FUNNULL then hijacked the legitimate service and leveraged its access to potentially millions of websites to push malware. visitor.

During the Polyfill.io takeover, the original Polyfill creator warned that he did not own the Polyfill.io domain and told the website that he would permanently remove the hosted Polyfill code to avoid any risks. proposed. Additionally, content delivery network providers Cloudflare and Fastly have published their own mirrors of Polyfill.io to provide a safe and reliable alternative for websites that wish to continue using the Polyfill library.

The exact purpose of the supply chain attack is unclear, but Sunsec founder Willem de Groot wrote to X at the time that it appeared to be a “laughingly egregious” attempt at monetization.

Now, security researchers at Silent Push say they have mapped out a network of thousands of Chinese gambling sites and linked it to the FUNNULL and Polyfill.io supply chain attacks.

According to a researcher's report previously shared with TechCrunch, FUNNULL uses access to Polyfill.io to inject malware and redirect website visitors to a malicious network of casinos and online gambling sites. It is said that he was

“It seems likely that this 'online gambling network' is a front,” Zach Edwards, a senior threat analyst and one of the researchers behind the Silent Push report, told TechCrunch. Edwards added that FUNNULL “operates what is believed to be one of the largest online gambling rings on the Internet.”

Silent Push researchers said in their report that they were able to identify approximately 40,000 primarily Chinese-language websites hosted by FUNNULL. These websites all have similar domains, consisting of a seemingly random smattering of letters and numbers, likely auto-generated. The sites appeared to impersonate online gambling and casino brands, including Sands, the casino conglomerate that owns the Venetian Macau. Grand Lisboa in Macau. Suncity Group; as well as online gambling portals Bet365 and Bwin.

Screenshot of one of the thousands of spam online gambling websites hosted on FUNNULL's CDN. (Image: TechCrunch)

Chris Alfred, a spokesperson for Entain, Bwin's parent company, told TechCrunch that the company “can confirm that this is not a domain we own, and that the site owner is infringing on our Bwin brand.” “We are determined to take action to resolve the issue.” this. “

Sands, Suncity Group, Macau Grand Lisboa and Bet365 did not respond to multiple requests for comment.

Edwards told TechCrunch that he and his colleagues found a FUNNULL developer's GitHub account where they were discussing “money transfers.” They believe this expression refers to money laundering. The GitHub page also included references to gambling brands spoofed on a network of spam sites, as well as links to Telegram channels with topics about transferring funds.

“And all of those sites are about moving money, that's their primary purpose,” Edwards said.

According to Edwards and his colleagues, this network of suspicious sites is hosted on FUNNULL's Content Delivery Network (CDN), and although the website claims to be “Made in the USA,” it has sites in Canada, Malaysia, the Philippines, The address of several offices in Singapore and Switzerland is said to be listed. And all of the United States looks like a place that doesn't have an address listed in the real world.

In its profile for gambling industry hub HUIDU, FUNNULL claims to have “more than 30 data centers on the continent,” likely referring to mainland China, and that it has “high-security automated server rooms in China.” states.

Despite being ostensibly a technology company, FUNNULL makes it difficult to reach representatives. TechCrunch attempted to contact the company for comment and ask questions about its role in the apparent supply chain attack, but inquiries went unanswered.

FUNNULL's website lists an email address that does not exist. A phone number that the company claims is registered with WhatsApp but could not be reached. The same number on WeChat appears to be owned by a Taiwanese woman who has no connection to FUNNULL. The Skype account did not respond to our request for comment. The other is a Telegram account that identifies herself only as “Sarah” and has the FUNNULL logo as her avatar.

Telegram's “Sarah” stopped responding to TechCrunch's requests for comment on this article in Chinese and English, including a series of questions, saying, “We don't understand what you said.” TechCrunch was also able to identify a series of valid email addresses owned by FUNNULL, none of which responded to requests for comment.

A company called ACB Group claimed to own FUNNULL on an archived version of its official website, but it is now offline. TechCrunch was unable to contact ACB Group.

Since FUNNULL has access to millions of websites, it can launch even more dangerous attacks against spam website visitors, such as installing ransomware, wiper malware, or spyware. The web is now a complex global network of websites, often built with third-party tools and controlled by third parties, and in some cases can prove to be malicious. This type of supply chain attack is becoming more and more likely.

The goal this time was apparently to monetize a network of spam sites. It could be worse next time.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

8 things we learned from WhatsApp vs. NSO Group Spyware Litigation

May 30, 2025

White House investigates how Trump's chief staff's phone was hacked

May 30, 2025

US government sanctions technology company involved in cyber fraud

May 29, 2025

Ten years later, the bootstrap Thinkst Canary will reach $20 million ARR without VC funding

May 29, 2025

Security Startup Horizon3.AI raises $100 million in new rounds

May 28, 2025

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

TC Session: AI Trivi Account Down – Next Shot in Big

May 31, 2025

Google quietly released an app that allows you to download and run AI models locally

May 31, 2025

The counted conversation begins in 5 days in a TC session: ai

May 31, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.