Polyfill Domain Linked to Huge Network of Fake Gambling Sites
Regulation · 2024-10-22

Polyfill Domain Linked to Huge Network of Fake Gambling Sites

A company named FUNNULL purchased Polyfill.io and used the domain to push malware to potentially millions of websites and their visitors. [Image: Shutterstock.com]

Open-source JavaScript library becomes mayhem

An open-source JavaScript library empowered websites to enable outdated browsers to run features contained in newer browsers. The potential benefit of such a feature, however, became tarnished when a company named FUNNULL purchased Polyfill.io and used the domain to push malware to potentially millions of websites and their visitors.

it appeared to be a ‘laughably bad’ attempt at monetization”

The original Polyfill author warned users that he never owned the Polyfill.io domain. He recommended that websites remove the code completely to avoid just the sort of scam that new domain owners now used the code to implement. Though no one is quite clear why the attack was put into motion, TechCrunch reports that “Willem de Groot, the founder of Sansec, wrote on X at the time that it appeared to be a ‘laughably bad’ attempt at monetization.”

Malware redirected users to malicious sites

According to a researchers’ report from Silent Push, malware injections were used to “redirect visitors to that malicious network of casinos and online gambling sites.”

Zach Edwards, a senior threat analyst and one of the researchers who worked on the Silent Push report, told TechCrunch: “It appears likely that this ‘online gambling network’ is a front,” adding that FUNNULL is “operating what appears to be one of the largest online gambling rings on the internet.”

the websites were designed “to impersonate online gambling and casino brands”

The scam was hardly sophisticated. The Silent Push report said that around 40,000 mostly Chinese-language websites were hosted by FUNNULL, with all of them utilizing domains that appeared to be automatically generated, each made up of what looked like random letters and numbers. The websites were designed “to impersonate online gambling and casino brands, including Sands, a casino conglomerate that owns Venetian Macau; the Grand Lisboa in Macau; SunCity Group; as well as the online gambling portals Bet365 and Bwin.”

Chris Alfred, a spokesperson for Entain, Bwin’s parent company, told TechCrunch: “… [the company] can confirm that this is not a domain we own, so it appears the site owner is infringing on our Bwin brand, so we will be taking action to resolve this.”

Money laundering scheme

Edwards told TechCrunch that FUNNULL appears to be using their operation for what the FUNNULL developer’s GitHub describes as “money-moving,” which Edwards believes refers to money laundering. Edwards said: “And those sites are all for moving money, or is their primary purpose.”

TechCrunch made repeated attempts to contact representatives at FUNNULL, but each attempt came up empty or frustrated. TechCrunch reports that FUNNULL’s website “lists an email address that does not exist; a phone number that the company claims to be on WhatsApp, but could not be reached; the same number which on WeChat appears to be owned by a woman in Taiwan with no affiliation to FUNNULL; a Skype account that did not respond to our requests for comment; and a Telegram account that only identifies itself as ‘Sara.’”

While Sara initially responded to TechCrunch’s request for comment, the response was not substantial, saying only that they “did not understand” and then terminating the conversation.

the next attack could be “much worse”

TechCrunch warns that while the attack this time was limited to installing malware and redirecting users to fake gambling and casino websites, the next attack could be “much worse.”

TechCrunch said: “These kinds of supply chain attacks are increasingly possible because the web is now a complex global network of websites that are often built with third party tools, controlled by third parties that, at times, could turn out to be malicious.”

Next time, the attack could install even more malicious programming, such as ransomware, wiper malware, or spyware.

热门文章
密西西比州众议院委员会推进提议增加赌场税的法案
游戏风向
2027 Global Game Connect(GGC)斯里兰卡招商全面开启!业务人脉尽在掌握!
灰度头条
斯里兰卡博弈产业大转型,官方:剑指南亚拉斯维加斯
游戏风向
巴西拟将博彩税率提高至24% 税收将用于社保和医疗领域
游戏风向
BETFAIR 网络攻击80万用户资料泄露
游戏风向
准备好了将你的收益最大化吗?尝试ProPush.me Constructor!
广告营销
超级PAC筹资4800万美元:体育博彩势力加码
游戏风向
Zenith携手HUIDU,冠名赞助2026年世界杯嘉年华官方巡回活动
线上游戏
亚洲游戏市场观察:15大市场热门游戏与用户趋势
线上游戏
越南博彩管控逐步放宽,惟本土需求仍显乏力
东南亚资讯
越南在线博彩业政策收紧 催生市场新机遇
东南亚资讯
新泽西州7月博彩收入创6.06亿美元新高,颁布禁令
游戏风向
英国确认各垂直行业的赌博税税率
游戏风向
巴西颁布新法赋权央行封锁非法博彩账户及 Pix 交易
支付动态
亚洲顶尖游戏供应商多寶游戏 DB GAMING,开创亚洲市场的唯一首选
广告营销
首页
游戏
合作
发现
我的