Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » Polyfill(.)io attack affected more than 380,000 hosts, including large companies
Global Security

Polyfill(.)io attack affected more than 380,000 hosts, including large companies

AdminBy AdminJuly 6, 2024No Comments3 Mins Read
Polyfill Attack
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


July 5, 2024Information hallSupply Chain Attack / Malware

Polyfill Attack

The supply chain attack targeting the widely used JavaScript library Polyfill(.)io is larger than previously thought, with new findings from Censys reveals that as of July 2, 2024, more than 380,000 hosts embed a polyfill script that links to a malicious domain.

This includes references to “https://cdn.polyfill(.)io” or “https://cdn.polyfill(.)com” in their HTTP responses, the attack surface management firm said.

“Approximately 237,700 are in the Hetzner network (AS24940), mainly in Germany,” it said. “It’s no surprise – Hetzner is a popular web host and many website developers use it.”

Further analysis of the affected hosts revealed domains associated with well-known companies such as WarnerBros, Hulu, Mercedes-Benz, and Pearson that link to the malicious endpoint in question.

Cyber ​​security

Details of the attack emerged in late June 2024 when Sansec wary this code, hosted on the Polyfill domain, has been modified to redirect users to adult and gambling websites. Code changes were made so that redirects only occurred at certain times of the day and only to visitors who met certain criteria.

The nefarious behavior is said to have been introduced after the domain and its associated GitHub repository were sold to Chinese company Funnull in February 2024.

This has since prompted domain registrar Namecheap to suspend the domain, content delivery networks such as Cloudflare to automatically replace Polyfill links with domains leading to alternative secure mirror sites, and Google to block ads for sites that embed the domain.

Polyfill Attack

While the operators tried to restart the service under another domain called polyfill(.)com, it was also removed by Namecheap as of June 28, 2024 two other domains registered by them since the beginning of July – polyfill(.)site and polyfillcache(.)com – the latter continues to work.

Also, more branched network potentially related domains, including bootcdn(.)net, bootcss(.)com, staticfile(.)net, staticfile(.)org, unionadjs(.)com, xhsbpza(.)com, union.macoms(.)la , newcrbpc(.)com, was found to be associated with Polyfill maintainers, indicating that the incident may be part of a wider malicious campaign.

Cyber ​​security

“One of these domains, bootcss(.)com, has been seen in malicious activity very similar to the polyfill(.)io attack, with evidence dating back to June 2023,” Censys noted, adding that 1.6 million public hosts that link to these suspicious domains.

“It would not be entirely unreasonable to consider the possibility that the same attacker responsible for the polyfill.io attack could use these other domains for similar activities in the future.”

The development comes as WordPress security company Patchstack warned the cascading risks associated with a Polyfill supply chain attack on sites running a content management system (CMS) via dozens of legitimate plugins linking to a spoofed domain.

Did you find this article interesting? Follow us Twitter  and LinkedIn to read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025

Researchers in detail in detail decisively developing tactics as it expands its geographical volume

June 5, 2025

Iran related

June 5, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.