Over 100,000 Websites Affected by Polyfill Supply Chain Attack


Supply Chain Attack Hits Over 100,000 Websites – Malicious Polyfill Injection and Impact

A Massive Supply Chain Attack Hits Over 100,000 Websites, Including Major Platforms

A widespread supply chain attack has targeted more than 100,000 websites, causing chaos for notable platforms like JSTOR, Intuit, and the World Economic Forum. The attack originated from a fake domain posing as the popular open-source library Polyfill.js, which provides support for older browsers.

The Chinese company Funnull acquired the domain and GitHub account associated with the Polyfill.js project in February, allowing them to insert malware into sites that utilize cdn.polyfill.io. The malicious code is specifically designed to redirect mobile users to sports betting or explicit sites using a counterfeit Google Analytics domain.

Security researchers have highlighted the sophisticated nature of the injected malware, which adapts dynamically based on HTTP headers, making it challenging to detect. This Polyfill injection assault exemplifies a supply chain attack targeting a widely used library, showcasing the vulnerability of interconnected digital ecosystems.

The compromised Polyfill code generates malware tailored to specific conditions, such as targeting specific mobile devices and evading detection by administrators. The attack has had far-reaching consequences, prompting Google to block ads for e-commerce sites using polyfill.io, and researchers were even subjected to DDoS attacks after uncovering the campaign.

In response to the incident, the original Polyfill author, Andrew Betts, advised against Polyfill usage and emphasized the critical need for vigilance when integrating external code libraries. Experts have established a domain, polykill.io, to alert website owners to the risks associated with the compromised Polyfill project and to recommend switching to secure alternatives like Fastly and Cloudflare.
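Because the served script varies with the request's HTTP headers, fetching it once and inspecting the response is not a reliable check; inventorying which pages still reference the domain is. The following is an added example, not code from the article or from the Polyfill project: it scans HTML for `<script>` and `<link>` tags that point at polyfill.io or any of its subdomains. The choice of tags and the sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Domain named in the article; subdomains such as cdn.polyfill.io match too.
FLAGGED_DOMAIN = "polyfill.io"
# Tags that pull in or pre-connect to external resources, and their URL attribute
# (an assumption for this example; extend for other tags used on your site).
URL_ATTR = {"script": "src", "link": "href"}


def host_is_flagged(url):
    """True when the URL's host is the flagged domain or one of its subdomains."""
    # urlsplit handles protocol-relative URLs ("//cdn.polyfill.io/...") and
    # lowercases the hostname, so case tricks do not slip through.
    host = (urlsplit(url.strip()).hostname or "").rstrip(".")
    return host == FLAGGED_DOMAIN or host.endswith("." + FLAGGED_DOMAIN)


class ScriptAudit(HTMLParser):
    """Collect (line, tag, url) for every reference to the flagged domain."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        url = dict(attrs).get(URL_ATTR.get(tag, ""))
        if url and host_is_flagged(url):
            self.findings.append((self.getpos()[0], tag, url))


def audit_html(html):
    parser = ScriptAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page: three real references and two look-alikes.
SAMPLE = """<html><head>
<link rel="preconnect" href="https://cdn.polyfill.io">
<script src="https://cdn.polyfill.io/v3/polyfill.min.js?features=fetch"></script>
<script src="//CDN.Polyfill.IO/v2/polyfill.js"></script>
<script src="https://example.com/polyfill.io/local-copy.js"></script>
<script src="https://notpolyfill.io/x.js"></script>
</head></html>"""

if __name__ == "__main__":
    for line, tag, url in audit_html(SAMPLE):
        print(f"line {line}: <{tag}> references {url}")
```

A static scan like this only sees references present in the HTML source; tags injected at runtime by other scripts or a tag manager need a browser-side or proxy-log check.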

This attack serves as a stark reminder of the security risks inherent in relying on third-party scripts and the essential measures needed to safeguard digital infrastructure from malicious takeovers and supply chain vulnerabilities.
