More details have emerged surrounding FUNNULL, the company that bought the Polyfill.io service and used it to launch a major supply chain attack.
New research claims the service is now being used as part of an enormous money-laundering scheme that involves tens of thousands of fake gambling sites for Chinese victims.
Security researchers at Silent Push published a new report claiming to have mapped out a network of 40,000 Chinese gambling sites, propped up by FUNNULL, to which visitors were redirected using Polyfill. In its attack, FUNNULL impersonated a dozen brands from the gambling industry and used more than 200,000 unique hostnames, 95% of which were created using Domain Generation Algorithms.
No workaround
Polyfill.io provides modern functionality on older browsers, allowing web developers to use modern web standards without worrying about compatibility. The service, and its accompanying domain, was acquired in February 2024 by a little-known company called FUNNULL. Subsequent investigation has shown that the company is of Chinese origin, and most likely completely fake and non-existent.
When FUNNULL acquired Polyfill, its original developers urged the users (approximately 100,000 websites) to stop using it immediately, and go for safe alternatives (both Cloudflare and Fastly propped up legitimate mirrors at the time).
In June 2024, cybersecurity experts from Sansec warned that polyfill was…
Read full post on Tech Radar