News
Thousands of websites hijacked by this malware: How you can protect yourself
Over 150,000 websites have been hijacked in a major malware campaign that redirects users to fake gambling pages. Here's how to stay safe and protect your site.

- March 28, 2025
- Updated: March 28, 2025 at 3:02 PM

A massive wave of cyberattacks has compromised over 150,000 websites, redirecting users to fake gambling platforms and deploying malware via full-screen overlays. Security firm c/side warns that this campaign has rapidly escalated from its initial 35,000 infections, raising serious concerns about the scale and persistence of the threat.
Malicious overlays and fake gambling sites
According to c/side, the attackers are injecting malicious scripts that hijack browsers using iframes, displaying fake gambling content—often under the Kaiyun brand—disguised as legitimate betting platforms. The malware is primarily targeting users in Mandarin-speaking regions, suggesting potential ties to Chinese threat actors and possibly linked to the known Megalayer exploit.
Once loaded, the script fully overtakes the browser window, forcing users to interact with fake pages. Researchers note that these overlays are designed to trick users into staying engaged, potentially downloading further malware or sharing sensitive information.
How websites are being compromised
While the exact attack vector remains unclear, once attackers gain access to a website, they insert code that loads from suspicious domains like zuizhongjs[.]com
and p11vt3[.]vip
. These domains serve the malicious scripts that execute the hijack.
c/side recommends that administrators conduct thorough code audits, monitor traffic logs, and implement firewall rules to block these domains. Keeping an eye on unexpected outgoing requests is critical to identifying infections early and mitigating the damage.
Staying safe online
For users, the best defense is staying vigilant when browsing unfamiliar or compromised-looking sites. Avoid clicking suspicious links, and ensure browser and antivirus software are always up to date. When in doubt, close the window and verify the site manually.
Latest from Agencias
You may also like
Fallout was almost a clone of Diablo because of Interplay's marketing department
Read more
The new game from the creators of Danganronpa comes out this week and could lead them to bankruptcy
Read more
Windblown, the new roguelike from the creators of Dead Cells, receives its first major update
Read more
Everything you need to know about Stadium, the new game mode in Overwatch 2
Read more
They are being honest at Bungie: not even they know how much Marathon will cost
Read more
China’s Secret Submarine Base Uncovered Amid Military Expansion
Read more