Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

Final Call: suspend ticket savings for 2025

August 6, 2025

Clay confirms that it has closed a $100 million round at a $3.1 billion valuation

August 5, 2025

WhatsApp adds new features to protect against fraud

August 5, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    WhatsApp adds new features to protect against fraud

    August 5, 2025

    Spotify expands audiobook access to US Family Plan members for the first time

    August 5, 2025

    Openai says ChatGpt is on track to reach 700m-a-week users

    August 4, 2025

    Elon Musk says he's reclaiming Vine's archives

    August 4, 2025

    Chariture.ai adds social feeds to its app

    August 4, 2025
  • Crypto

    North Korean spies pretending to be remote workers have invaded hundreds of businesses, CloudStrike says

    August 4, 2025

    Telegram's Crypto Wallet will be released in the US

    July 22, 2025

    Indian Crypto ExchangeCoindCX confirms $44 million stolen during hack

    July 21, 2025

    North Korean hackers blamed record-breaking spikes in 2025

    July 17, 2025

    Bitcoin surpasses $118K at the second highest high in 24 hours

    July 11, 2025
  • Security

    Final Call: suspend ticket savings for 2025

    August 6, 2025

    Hackers stole the identity of Cisco customers using voice phishing attacks

    August 5, 2025

    SonicWall urges customers to disable SSLVPN in reporting ransomware attacks

    August 5, 2025

    Google says AI-based bug hunter has discovered 20 security vulnerabilities

    August 4, 2025

    Confusing accused of scraping websites that explicitly blocked AI scraping

    August 4, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Clay confirms that it has closed a $100 million round at a $3.1 billion valuation

    August 5, 2025

    NEA destroys ICONIQ and get startup insights from Chefrobotics in 2025

    August 5, 2025

    Only two days left to save $675 to destroy tickets for 2025

    August 5, 2025

    What should the founder think about if they are trying to raise the series c?

    August 2, 2025

    Venture company CRV raises $750 million and returns capital to investors, then downsizing

    August 1, 2025
TechBrunchTechBrunch

Researchers link Polyfill supply chain attacks to a vast network of copycat gambling sites

TechBrunchBy TechBrunchOctober 22, 20245 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


One of the biggest digital supply chain attacks this year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to security researchers.

Earlier this year, a company called FUNNULL purchased Polyfill.io. Polyfill.io is a domain that hosts open source JavaScript libraries that allow older browsers to perform functionality found in newer browsers when embedded in a website. As cybersecurity firm Sansec reported in June, once FUNNULL took control of Polyfill.io, it effectively used the domain to carry out supply chain attacks. FUNNULL then hijacked the legitimate service and leveraged its access to potentially millions of websites to push malware. visitor.

During the Polyfill.io takeover, the original Polyfill creator warned that he did not own the Polyfill.io domain and told the website that he would permanently remove the hosted Polyfill code to avoid any risks. proposed. Additionally, content delivery network providers Cloudflare and Fastly have published their own mirrors of Polyfill.io to provide a safe and reliable alternative for websites that wish to continue using the Polyfill library.

The exact purpose of the supply chain attack is unclear, but Sunsec founder Willem de Groot wrote to X at the time that it appeared to be a “laughingly egregious” attempt at monetization.

Now, security researchers at Silent Push say they have mapped out a network of thousands of Chinese gambling sites and linked it to the FUNNULL and Polyfill.io supply chain attacks.

According to a researcher's report previously shared with TechCrunch, FUNNULL uses access to Polyfill.io to inject malware and redirect website visitors to a malicious network of casinos and online gambling sites. It is said that he was

“It seems likely that this 'online gambling network' is a front,” Zach Edwards, a senior threat analyst and one of the researchers behind the Silent Push report, told TechCrunch. Edwards added that FUNNULL “operates what is believed to be one of the largest online gambling rings on the Internet.”

Silent Push researchers said in their report that they were able to identify approximately 40,000 primarily Chinese-language websites hosted by FUNNULL. These websites all have similar domains, consisting of a seemingly random smattering of letters and numbers, likely auto-generated. The sites appeared to impersonate online gambling and casino brands, including Sands, the casino conglomerate that owns the Venetian Macau. Grand Lisboa in Macau. Suncity Group; as well as online gambling portals Bet365 and Bwin.

Screenshot of one of the thousands of spam online gambling websites hosted on FUNNULL's CDN. (Image: TechCrunch)

Chris Alfred, a spokesperson for Entain, Bwin's parent company, told TechCrunch that the company “can confirm that this is not a domain we own, and that the site owner is infringing on our Bwin brand.” “We are determined to take action to resolve the issue.” this. “

Sands, Suncity Group, Macau Grand Lisboa and Bet365 did not respond to multiple requests for comment.

Edwards told TechCrunch that he and his colleagues found a FUNNULL developer's GitHub account where they were discussing “money transfers.” They believe this expression refers to money laundering. The GitHub page also included references to gambling brands spoofed on a network of spam sites, as well as links to Telegram channels with topics about transferring funds.

“And all of those sites are about moving money, that's their primary purpose,” Edwards said.

According to Edwards and his colleagues, this network of suspicious sites is hosted on FUNNULL's Content Delivery Network (CDN), and although the website claims to be “Made in the USA,” it has sites in Canada, Malaysia, the Philippines, The address of several offices in Singapore and Switzerland is said to be listed. And all of the United States looks like a place that doesn't have an address listed in the real world.

In its profile for gambling industry hub HUIDU, FUNNULL claims to have “more than 30 data centers on the continent,” likely referring to mainland China, and that it has “high-security automated server rooms in China.” states.

Despite being ostensibly a technology company, FUNNULL makes it difficult to reach representatives. TechCrunch attempted to contact the company for comment and ask questions about its role in the apparent supply chain attack, but inquiries went unanswered.

FUNNULL's website lists an email address that does not exist. A phone number that the company claims is registered with WhatsApp but could not be reached. The same number on WeChat appears to be owned by a Taiwanese woman who has no connection to FUNNULL. The Skype account did not respond to our request for comment. The other is a Telegram account that identifies herself only as “Sarah” and has the FUNNULL logo as her avatar.

Telegram's “Sarah” stopped responding to TechCrunch's requests for comment on this article in Chinese and English, including a series of questions, saying, “We don't understand what you said.” TechCrunch was also able to identify a series of valid email addresses owned by FUNNULL, none of which responded to requests for comment.

A company called ACB Group claimed to own FUNNULL on an archived version of its official website, but it is now offline. TechCrunch was unable to contact ACB Group.

Since FUNNULL has access to millions of websites, it can launch even more dangerous attacks against spam website visitors, such as installing ransomware, wiper malware, or spyware. The web is now a complex global network of websites, often built with third-party tools and controlled by third parties, and in some cases can prove to be malicious. This type of supply chain attack is becoming more and more likely.

The goal this time was apparently to monetize a network of spam sites. It could be worse next time.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Final Call: suspend ticket savings for 2025

August 6, 2025

Hackers stole the identity of Cisco customers using voice phishing attacks

August 5, 2025

SonicWall urges customers to disable SSLVPN in reporting ransomware attacks

August 5, 2025

Google says AI-based bug hunter has discovered 20 security vulnerabilities

August 4, 2025

Confusing accused of scraping websites that explicitly blocked AI scraping

August 4, 2025

Commerce Dept.'s backlog reportedly has suspended Nvidia's H20 chip license

August 1, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

Final Call: suspend ticket savings for 2025

August 6, 2025

Clay confirms that it has closed a $100 million round at a $3.1 billion valuation

August 5, 2025

WhatsApp adds new features to protect against fraud

August 5, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.