Threat Actors Compromise 150,000 Websites to Promote Chinese Gambling Platforms

A large-scale cyberattack has compromised approximately 150,000 legitimate websites by injecting malicious JavaScript to redirect visitors to Chinese-language gambling platforms.

The campaign, first detected in February 2025 with 35,000 infected sites, has since expanded significantly, leveraging obfuscated scripts and iframe injections to hijack browsers.

Chinese Gambling Platforms — injected pages

Attackers use domains like zuizhongyj[.]com to host payloads, which display full-screen overlays mimicking legitimate betting sites such as Bet365.

Technical Tactics

The threat actors employ HTML entity encoding and hexadecimal obfuscation to hide malicious scripts, such as injecting

`Read Next`


GBHackersMarch 31, 2025
U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam


GBHackersMarch 29, 2025
“Crocodilus” A New Malware Targeting Android Devices for Full Takeover


GBHackersMarch 29, 2025
Gamaredon Hackers Weaponize LNK Files to Deliver Remcos backdoor


GBHackersMarch 29, 2025
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk


GBHackersMarch 28, 2025
PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel


GBHackersMarch 28, 2025
New Python-Based Discord RAT Targets Users to Steal Login Credentials


GBHackersMarch 28, 2025
Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands


GBHackersMarch 28, 2025
GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries


GBHackersMarch 28, 2025
A Framework for Detecting Backdoor Attacks in Deep Learning Models


GBHackersMarch 28, 2025
SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server

March 31, 2025

`U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam`

March 29, 2025

`“Crocodilus” A New Malware Targeting Android Devices for Full Takeover`

March 29, 2025

`Gamaredon Hackers Weaponize LNK Files to Deliver Remcos backdoor`

March 29, 2025

`SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk`

March 28, 2025

`PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel`

March 28, 2025

`New Python-Based Discord RAT Targets Users to Steal Login Credentials`

March 28, 2025

`Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands`

March 28, 2025

`GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries`

March 28, 2025

`A Framework for Detecting Backdoor Attacks in Deep Learning Models`

March 28, 2025

`SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server`



Close

Technical Tactics

Read Next

U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam

“Crocodilus” A New Malware Targeting Android Devices for Full Takeover

Gamaredon Hackers Weaponize LNK Files to Deliver Remcos backdoor

SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk

PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel

New Python-Based Discord RAT Targets Users to Steal Login Credentials

Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands

GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries

A Framework for Detecting Backdoor Attacks in Deep Learning Models

SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server

Related Articles

`Read Next`

`U.S. DOJ Seizes $8.2 Million from Hackers Linked to Pig Butchering Scam`

`“Crocodilus” A New Malware Targeting Android Devices for Full Takeover`

`Gamaredon Hackers Weaponize LNK Files to Deliver Remcos backdoor`

`SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk`

`PJobRAT Android Malware Masquerades as Dating and Messaging Apps to Target Military Personnel`

`New Python-Based Discord RAT Targets Users to Steal Login Credentials`

`Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands`

`GLPI ITSM Tool Flaw Allows Attackers to Inject Malicious SQL Queries`

`A Framework for Detecting Backdoor Attacks in Deep Learning Models`

`SHELBY Malware Steals Data by Abusing GitHub as Command-and-Control Server`

`Related Articles`