A campaign has reportedly compromised approximately 150,000 websites by injecting malicious JavaScript that redirects visitors to Chinese-language gambling platforms. To make the redirect more effective, the threat actor uses iframe injection to render a full-screen overlay that imitates legitimate betting sites such as Bet365. Current statistics indicate that over 135,800 sites contain the JavaScript payload. The campaign is part of an ongoing trend of client-side attacks that continue to evolve and expand, raising concerns about the security landscape.
The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor's browser.
This attack demonstrates how threat actors constantly adapt, increasing their reach and using new layers of obfuscation.
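A defender can look for the overlay behaviour described above rather than for any one payload. The following is an added example, not code from the campaign or from the original report: it flags iframes that cover the viewport, are positioned out of normal flow, and load from another origin. The 0.9 coverage threshold, the descriptor fields, and all hostnames are assumptions chosen for illustration.

```javascript
// Added example: flag iframes that behave like an injected full-screen overlay.
// The 0.9 threshold and the descriptor fields are assumptions for illustration.
const COVERAGE_THRESHOLD = 0.9;

// frame: {src, position, left, top, right, bottom}; viewport: {width, height}
function assessFrame(frame, viewport, pageOrigin) {
  const reasons = [];
  // Area of the frame that is actually visible inside the viewport.
  const w = Math.max(0, Math.min(frame.right, viewport.width) - Math.max(frame.left, 0));
  const h = Math.max(0, Math.min(frame.bottom, viewport.height) - Math.max(frame.top, 0));
  const coverage = (w * h) / (viewport.width * viewport.height);
  if (coverage >= COVERAGE_THRESHOLD) reasons.push("covers-viewport");
  // Overlays are taken out of normal layout so they sit on top of the page.
  if (frame.position === "fixed" || frame.position === "absolute") reasons.push("out-of-flow");
  let origin;
  try { origin = new URL(frame.src, pageOrigin).origin; } catch { origin = "invalid"; }
  if (origin !== pageOrigin) reasons.push("cross-origin");
  return { src: frame.src, coverage, reasons, suspicious: reasons.length === 3 };
}

function findOverlayFrames(frames, viewport, pageOrigin) {
  return frames.map((f) => assessFrame(f, viewport, pageOrigin)).filter((r) => r.suspicious);
}

// Browser-side collector (needs a DOM; not called when run under Node).
function collectFrames(doc, win) {
  return [...doc.querySelectorAll("iframe")].map((el) => {
    const r = el.getBoundingClientRect();
    return { src: el.src, position: win.getComputedStyle(el).position,
             left: r.left, top: r.top, right: r.right, bottom: r.bottom };
  });
}

// Constructed sample data: hostnames are placeholders, not campaign indicators.
const SAMPLE_VIEWPORT = { width: 1280, height: 720 };
const SAMPLE_FRAMES = [
  { src: "https://overlay.invalid/landing", position: "fixed", left: 0, top: 0, right: 1280, bottom: 720 },
  { src: "https://ads.example/banner", position: "static", left: 900, top: 100, right: 1200, bottom: 350 },
  { src: "/help/chat", position: "fixed", left: 0, top: 0, right: 1280, bottom: 720 },
];

const hits = findOverlayFrames(SAMPLE_FRAMES, SAMPLE_VIEWPORT, "https://shop.example");
console.log(hits.map((h) => `${h.src} coverage=${h.coverage.toFixed(2)} ${h.reasons.join(",")}`));
```

In a browser or headless crawler, pass `collectFrames(document, window)` with the live viewport size and `location.origin`. A `Content-Security-Policy` header with a restrictive `frame-src` directive is the complementary preventive control, since it stops unlisted origins from being framed at all.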