|
Infoblox Exposes: Chinese Cybercrime Syndicate Linking European Football Sponsors, Human Trafficking and a Trillion-Dollar Illegal Gambling Economy
Friday, July 26, 2024
-- Infoblox has exposed Vigorish Viper, a Chinese cybercrime syndicate
using sophisticated technology to take advantage of the US$1.7 trillion
illegal gambling economy, with links to money laundering and human
trafficking operations across Southeast Asia
-- Research reveals that Vigorish Viper has been central to the sponsorship
controversy surrounding several European football clubs, including clubs
in the English Premier League
-- Vigorish Viper was formed under and controlled by Yabo Group, an
infamous and elusive company tied to human trafficking and large-scale
cybercrime operations across Southeast Asia
-- Infoblox's unique approach to threat intelligence based in DNS research
led to the discovery and exposure of how Vigorish Viper operates,
including their operational platform, traffic distribution systems,
encrypted communications and custom apps
SANTA CLARA, Calif., July 22, 2024 /PRNewswire/ -- Infoblox Inc., a leader in cloud networking and security services, today announced a significant breakthrough in cybercrime investigation with the unmasking of a threat actor that the company has named "Vigorish Viper." Vigorish Viper is a Chinese organized crime syndicate that utilizes a sophisticated technology suite to take advantage of the global $1.7 trillion illegal sports gambling economy, with links to money laundering and human trafficking operations across Asia. This Infoblox discovery marks a significant milestone in the ongoing battle against global cybercrime using DNS intelligence.
"Vigorish Viper represents one of the most sophisticated and important threats to digital security that we have discovered to date," said Dr. Renée Burton, Vice President, Infoblox Threat Intel. "Infoblox Threat Intel used cutting-edge DNS research to discover the technologies underpinning the syndicate. Vigorish Viper created a complex infrastructure with multiple layers of traffic distribution systems (TDSs) using DNS CNAME records and JavaScript, which makes it incredibly difficult to detect. These systems are complemented by their own encrypted communications and custom-developed applications, making their activities not only elusive but also remarkably resilient."
Vigorish Viper is a name derived from the gambling world's exorbitant fees levied on unlucky bettors. The term vigorish, or vig for short, is used by organized crime syndicates to refer to these fees. Viper refers to the complex combination of TDSs and convoluted brand relationships that the actor employs to route users to content. Vigorish Viper leverages sponsorship of popular European sports teams to advertise for their illegal gambling sites, which primarily target Greater China.
Dr. Renée Burton added, "This work is particularly important because it connects the physical crimes of human trafficking, money laundering, and fraud, to online crime in a way that hasn't been done before. We can now see that organized crime is executing a cunning strategy that uses unwitting European clubs to fuel their criminal cycle."
The research report from Infoblox details the discovery of Vigorish Viper, how it operates from a technical perspective, its ties to organized crime, and its role in the European football sponsorship scandals. Key findings include:
-- Sophisticated Tech Suite: Vigorish Viper's technology suite is a
comprehensive cybercrime supply chain, encompassing software, DNS
configurations, website hosting, payment systems, and mobile apps.
-- Criminal Connections: The technology was developed by the notorious Yabo
Group (also known as Yabo Sports or Yabo) prior to its reported
dissolution in 2022. The Yabo Group has been linked to controversy in
Europe surrounding the use of certain football club sponsorships,
including several in the English Premier League such as Manchester
United, to illegally advertise unregulated gambling sites in Asia. The
Asian Racing Federation (ARF) Council on Anti-Illegal Betting and
Related Financial Crime identified Yabo as "possibly the biggest illegal
gambling operation targeting Greater China" and directly tied it to
practices of modern slavery in which victims are forced to support
gambling services.
-- Elusive Operations & DNS Knowledge: Vigorish Viper operates a vast
network of over 170,000 active domain names, evading detection and law
enforcement through its sophisticated use of DNS CNAME traffic
distribution systems.
-- European Sponsorship Controversy: The network is implicated in a scheme
that involves securing European football club sponsorships on screens
during games, or on player jerseys for example, to advertise illegal
gambling sites in Southeast Asia, exploiting the clubs' popularity to
attract bettors.
-- Interconnected Threats: Tens of seemingly unrelated gambling brands that
advertise by way of sponsorship deals with certain European sports teams
use Vigorish Viper technology. While these brands appear distinct, they
operate more like the branches of a franchise, further highlighting the
importance of a holistic view on such threats that only DNS brings to
the table.
"DNS analytics led to the discovery of Vigorish Viper and constitutes the best mechanism for tracking the actor's infrastructure. Stopping Vigorish Viper is also most effective via DNS because the actor changes rapidly," added Burton.
Adding to the gravity of the situation, despite gambling being almost completely illegal in Greater China, it is estimated that citizens in the region bet nearly US$850 billion annually. This staggering figure underscores the scale and complexity of Vigorish Viper's operations, with significant implications for global cybercrime.
Details on this threat actor can be found in Infoblox Threat Intel's latest research report here.
"Infoblox remains committed to providing actionable intelligence to expose threat actors leveraging DNS for their operations," Burton emphasized. "Our ongoing tracking and exposure of threat actors demonstrates the critical role DNS plays in combating sophisticated cyber threats, and underscores the industry's need for continued innovation in DNS and cybersecurity technologies."
Under the leadership of Dr. Renée Burton, Infoblox Threat Intel has become a proud originator of DNS-based threat intelligence. Infoblox Threat Intel's researchers use a unique approach that combines a profound understanding of DNS data, data science, machine learning, artificial intelligence, and reverse engineering. This potent mix of skills and expertise enables Infoblox Threat Intel to generate robust threat intelligence, fortifying Infoblox's Threat Defense solutions. Learn more about Infoblox Threat Intel and explore how its research is shaping the future of cybersecurity by visiting https://www.infoblox.com/threat-intel/.
About Infoblox
Infoblox unites networking and security to deliver unmatched performance and protection. Trusted by Fortune 100 companies and emerging innovators, we provide real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier. Visit infoblox.com, or follow us on LinkedIn?or X.
View original content to download multimedia:https://www.prnewswire.com/news-releases/infoblox-exposes-chinese-cybercrime-syndicate-linking-european-football-sponsors-human-trafficking-and-a-trillion-dollar-illegal-gambling-economy-302201982.html
SOURCE Infoblox Inc.
|
|
|
|
|
|
 |
Fractal Achieves The AWS Generative AI Competency | Oct 17, 2024
|
|
Customer Analytics Applications Market size is set to grow by USD 16.73 billion from 2024-2028, increasing number of social media users to boost the revenue- Technavio | Oct 17, 2024
|
|
Genedata Expressionist 18.5 Introduces Automated Characterization Workflows for Novel Therapeutics | Oct 17, 2024
|
|
Delta Showcases AI Data Center and Smart Manufacturing Solutions at CEATEC 2024 to Align with Japan's Society 5.0 National Initiative | Oct 17, 2024
|
|
Cyngn Secures its 21st U.S. Patent: System and Methods of Adaptive Object-based Decision Making for Autonomous Driving | Oct 17, 2024
|
|
Intelligence Factory Introduces OGAR, a Technique to Reduce Hallucinations in AI Agents | Oct 17, 2024
|
|
Infosys and Microsoft Expand Strategic Collaboration to Accelerate Customer Adoption of The Microsoft Cloud and Generative AI | Oct 17, 2024
|
|
Marine Audio Market Surges to USD 290.63 Million by 2030, Propelled by 3.25% CAGR - Verified Market Reports® | Oct 17, 2024
|
|
Tredence Expands Supply Chain Command Center to the Snowflake AI Data Cloud | Oct 17, 2024
|
|
Centific and Denvr Dataworks, in Collaboration with Intel, Revolutionize Enterprise AI with Centific Frontier AI Data Platform on Intel Gaudi 3 | Oct 17, 2024
|
|
|
|
