Fraudulent gambling network may actually be something more nefarious

A sprawling infrastructure that defrauded unsuspecting people through fraudulent gambling sites for 14 years is likely a dual operation run by a government-sponsored group that targets government and private industry organizations in the United States and Europe, researchers said Wednesday.

Previously, researchers had tracked only small parts of the huge infrastructure. Last month, security firm Sucuri reported that this operation looks for and compromises poorly configured websites running the WordPress CMS. Imperva said in January that the attackers also scan for and exploit web applications written in the PHP programming language that already have web shells or exploitable vulnerabilities. After exploiting the vulnerabilities, the attackers install GSocket, a backdoor they use to keep control of the compromised servers and host web content related to gambling.

All gaming sites are aimed at visitors who speak Indonesian. Since Indonesian laws prohibit gambling, many people in this country are attracted to illegal services. Most of the 236,433 attacker-owned domains hosting gaming sites are hosted on Cloudflare. Most of the 1,481 hacked subdomains were hosted on Amazon Web Services, Azure, and GitHub.

There are no “fast” gambling scams here.

On Wednesday, researchers from security firm Malanta said these details are just the most visible signs of a malicious network that is actually much larger and more complex than previously known. In addition to being a financially motivated operation, the network likely also serves state-sponsored hackers targeting a wide range of organizations, including those in manufacturing, transportation, healthcare, government and education, the company said.

The basis for this assessment is the enormous amount of time and resources spent on creating and maintaining the infrastructure over a period of 14 years. The assets include 328,000 individual domains, of which 236,000 are addresses the attackers bought and 90,000 are addresses they hijacked by compromising legitimate websites. They also include almost 1,500 hijacked subdomains belonging to legitimate organizations. Malanta estimates that funding such infrastructure costs between $725,000 and $17 million a year.
