Fraudulent gambling network may be something more nefarious
a day ago
- #nation-state
- #cybersecurity
- #fraud
- A fraudulent gambling operation has been running for 14 years, likely sponsored by a nation-state, targeting US and European organizations.
- The operation exploits poorly configured WordPress sites and PHP web apps to install backdoors for hosting gambling content.
- Gambling sites target Indonesian-speaking visitors, exploiting the country's gambling prohibition.
- 236,433 attacker-owned domains are hosted on Cloudflare, while 1,481 hijacked subdomains are on AWS, Azure, and GitHub.
- Security firm Malanta reveals the operation is larger and more complex, possibly serving nation-state hackers targeting various sectors.
- The infrastructure includes 328,000 domains (236,000 bought, 90,000 hijacked) and costs between $725,000 to $17 million annually to maintain.