The universal browser makes some big promises to its potential users. Its online ads say “the fastest browser of all,” that people who use it “will avoid leaking privacy” and that the software will help you” However, all that may not be as it seems.
The browser, which is connected to Chinese online gambling websites and is thought to have been downloaded millions of times, is actually all the servers in China and “incorporating new findings from the network security Infoblox. The investigators say that the hidden “hidden” features include malware-like features, including “key logging, persistent communication,” and changing the device’s network connection.
Perhaps most importantly, infoblox researchers who work with the United Nations Office on Drugs and Crime (UNODC) at work, are linked to gambling, illegal gambling, human trafficking and the payment of labor using forced labor. The browser itself, the researchers say, is directly connected to the network surrounding a large online gambling company, the researchers who wrote the threat group called the vault ver.
Investigators say the discovery of the browser – and its suspicious and dangerous behavior – shows that criminals in the region are on the rise. “These criminal groups, especially organized crime in China, are increasing and they are emerging from cyber and they are empowering fraud, pigs, making them, scams, all that stuff, he works in this business when he works when he is an employee at Inodox.
“They will continue to drink twice, push back the profits, develop new skills,” Wojcik said. “The threat is ultimately getting worse and worse, and this is one example of where we’re seeing that.”
Under the hood
The global browser was first noticed – and named – by infodox and UNODC earlier this year when they began to release digital systems around Cambodian officials, who were under attack by law enforcement. Infoblox, which specializes in domain name (DNS) management and security, finds unique DNS fingerprints on those systems that connect to Vault Viper, enabling investigators to trace the infrastructure connected to the group.
Tens of thousands of Web domains, as well as various control and regulatory infrastructure and registered companies, are linked to the activity of the vault viper, infoblox researchers said in a report shared by wire. They also said they are examining pages of corporate documents, official records, and court documents that have links to BBIN or other subsidiaries. Time and time again, they find the browser space online.
“We’ve never seen a public domain browser without Domain Vault Viper Controls,” said MaĆ«l Le Touz, a risk researcher at Infoblox. The Infoblox report says the browser was ‘designed specifically to help people in Asia – where online gambling is illegal. “Each of the casino websites that operate seems to contain a link and advertising on it,” said Le Touz.
