Dirty Money, Dirty Games: Infoblox Exposes Football Sponsor’s Dark Secret

Infoblox has announced a significant breakthrough in cybercrime investigation with the unmasking of a threat actor that the company has named “Vigorish Viper.” Vigorish Viper is a Chinese organized crime syndicate that utilizes a sophisticated technology suite to take advantage of the global $1.7 trillion illegal sports gambling economy, with links to money laundering and human trafficking operations across Asia. This Infoblox discovery marks a significant milestone in the ongoing battle against global cybercrime using DNS intelligence.

“Vigorish Viper represents one of the most sophisticated and important threats to digital security that we have discovered to date,” said Dr. Renée Burton, Vice President, Infoblox Threat Intel. “Infoblox Threat Intel used cutting-edge DNS research to discover the technologies underpinning the syndicate. Vigorish Viper created a complex infrastructure with multiple layers of traffic distribution systems (TDSs) using DNS CNAME records and JavaScript, which makes it incredibly difficult to detect. These systems are complemented by their own encrypted communications and custom-developed applications, making their activities not only elusive but also remarkably resilient.”

The name Vigorish Viper derives from the gambling world's exorbitant fees levied on unlucky bettors. The term vigorish, or vig for short, is used by organized crime syndicates to refer to these fees. Viper refers to the complex combination of TDSs and convoluted brand relationships that the actor employs to route users to content. Vigorish Viper leverages sponsorship of popular European sports teams to advertise its illegal gambling sites, which primarily target Greater China.

Dr. Renée Burton added, “This work is particularly important because it connects the physical crimes of human trafficking, money laundering, and fraud, to online crime in a way that hasn’t been done before. We can now see that organized crime is executing a cunning strategy that uses unwitting European clubs to fuel their criminal cycle.”

The research report from Infoblox details the discovery of Vigorish Viper, how it operates from a technical perspective, its ties to organized crime, and its role in the European football sponsorship scandals. Key findings include:

  1. Sophisticated Tech Suite: Vigorish Viper’s technology suite is a comprehensive cybercrime supply chain, encompassing software, DNS configurations, website hosting, payment systems, and mobile apps.
  2. Criminal Connections: The technology was developed by the notorious Yabo Group (also known as Yabo Sports or Yabo) prior to its reported dissolution in 2022. The Yabo Group has been linked to controversy in Europe surrounding the use of certain football club sponsorships, including several in the English Premier League such as Manchester United, to illegally advertise unregulated gambling sites in Asia. The Asian Racing Federation (ARF) Council on Anti-Illegal Betting and Related Financial Crime identified Yabo as “possibly the biggest illegal gambling operation targeting Greater China” and directly tied it to practices of modern slavery in which victims are forced to support gambling services.
  3. Elusive Operations & DNS Knowledge: Vigorish Viper operates a vast network of over 170,000 active domain names, evading detection and law enforcement through its sophisticated use of DNS CNAME traffic distribution systems.
  4. European Sponsorship Controversy: The network is implicated in a scheme that involves securing European football club sponsorships, for example on screens during games or on player jerseys, to advertise illegal gambling sites in Southeast Asia, exploiting the clubs’ popularity to attract bettors.
  5. Interconnected Threats: Tens of seemingly unrelated gambling brands that advertise by way of sponsorship deals with certain European sports teams use Vigorish Viper technology. While these brands appear distinct, they operate more like the branches of a franchise, further highlighting the importance of a holistic view of such threats that only DNS brings to the table.

“DNS analytics led to the discovery of Vigorish Viper and constitutes the best mechanism for tracking the actor’s infrastructure. Stopping Vigorish Viper is also most effective via DNS because the actor changes rapidly,” added Burton.

Adding to the gravity of the situation, despite gambling being almost completely illegal in Greater China, it is estimated that citizens in the region bet nearly $850 billion annually. This staggering figure underscores the scale and complexity of Vigorish Viper’s operations, with significant implications for global cybercrime.

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.