Nearly 40,000 websites spoofing online gambling and casino brands, most of which are in the Chinese language, have been leveraged by Chinese company Funnull as part of the massive digital supply chain attack involving the open-source JavaScript library-hosting domain Polyfill.io, TechCrunch reports.
Attacks by Funnull exploited Polyfill.io access to facilitate malware compromise and redirection to the websites, which impersonate casino conglomerate Sands and the Bwin and Bet365 gambling portals, according to a report from Silent Push researchers. All of the websites were found to be hosted on the content delivery network of Funnull, which purports to have been created in the U.S. but lists false office addresses in the U.S., Canada, Singapore, Malaysia, Switzerland, and the Philippines. "It appears likely that this 'online gambling network' is a front," said Silent Push senior threat analyst Zach Edwards, who described Funnull as leading "one of the largest online gambling rings." While Bwin parent firm Entain denied ownership of the spoofed domain, other organizations implicated in the supply chain attack campaign have yet to comment.