Is your Website at Risk of spreading malware? Polyfill.io code attack hits 100,000+ companies

In a recent supply chain cyber-attack, WordPress sites using Polyfill.io have been transformed into malware-spreading zombie sites. The once-trusted Polyfill.io library has been used to add JavaScript code that extends a website's functionality in older browsers. Since the polyfill.io domain was sold earlier this year, it is suspected that more than 100,000 websites have inadvertently exposed their website traffic to malicious code. A visitor does not need to click on anything: simply visiting an infected domain will transfer the malicious code to the visitor's browser.

Google is taking a proactive approach by alerting affected site owners and blocking Google Ads that feed to their websites.

Even the creator of the open-source Polyfill project, Andrew Betts, is urging site owners to remove its code from their sites, noting that apart from infecting customers' browsers with malicious code, polyfills are really no longer needed (see the article from The Register below). ILLÜM Advisors suggests you remove Polyfill from your website(s) immediately.

Quick steps to take immediately.

  • Implement a DNS Security Product: It is crucial for both your office network and remote workers to have DNS filtering in place. This helps prevent employees from accessing malicious websites. We use Cloudflare, which has effectively blocked access to numerous sites compromised by the Polyfill.io component.
  • Repoint code repositories to Cloudflare: Search for instances of polyfill.io and replace them with cdnjs.cloudflare.com/polyfill (Cloudflare's mirror). This is a non-breaking change, as the two URLs will serve the same polyfill content. All website owners should do this now, regardless of whether their website uses Cloudflare.
  • Stop Using Polyfill.io: Temporarily disable the service and switch to local copies of necessary scripts.
  • Scan for Malicious Code: Use security tools to scan your website for any injected malicious code.
  • Notify Users: Inform your users about the potential risk and advise them on how to protect themselves.
  • Consult Security Experts: Engage with cyber security experts, like iLLÜM Advisors, to assess the damage and implement stronger security measures.
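
The "search and repoint" step above can be scripted. The following is an added example, not code from The Register, Cloudflare or iLLÜM Advisors: it lists every polyfill.io reference in a site checkout and rewrites the host to the Cloudflare mirror named above. The file-suffix list, the handling of subdomains such as cdn.polyfill.io and the function names are assumptions of this sketch.

```python
import re
from pathlib import Path

MIRROR = "cdnjs.cloudflare.com/polyfill"  # Cloudflare mirror named in the steps above
# Assumption: file types worth scanning; extend for your own templates and configs.
SUFFIXES = {".html", ".htm", ".php", ".js", ".ts", ".jsx", ".tsx", ".vue", ".twig"}

# polyfill.io or any subdomain of it, with an optional scheme or "//" prefix.
# The lookarounds skip look-alike hosts (notpolyfill.io, polyfill.io.example.com).
POLYFILL_REF = re.compile(
    r"((?:https?:)?//)?(?<![\w.-])(?:[\w-]+\.)*polyfill\.io(?![\w-])(?!\.[\w-])",
    re.IGNORECASE,
)

def _read(path):
    # surrogateescape round-trips non-UTF-8 bytes; bytes I/O preserves CRLF endings.
    return path.read_bytes().decode("utf-8", "surrogateescape")

def rewrite(text):
    """Return (new_text, count) with each polyfill.io host pointed at the mirror."""
    def repl(match):
        prefix = (match.group(1) or "").lower()
        # Upgrade plain HTTP so the script is never fetched unencrypted.
        return ("https://" if prefix == "http://" else prefix) + MIRROR
    return POLYFILL_REF.subn(repl, text)

def scan(root):
    """List (relative_path, line_number, line) for every reference under root."""
    root, hits = Path(root), []
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in SUFFIXES:
            for number, line in enumerate(_read(path).splitlines(), 1):
                if POLYFILL_REF.search(line):
                    hits.append((path.relative_to(root).as_posix(), number, line.strip()))
    return hits

def repoint(root):
    """Rewrite every affected file in place; return the number of references changed."""
    total = 0
    for rel in sorted({hit[0] for hit in scan(root)}):
        path = Path(root) / rel
        new_text, count = rewrite(_read(path))
        path.write_bytes(new_text.encode("utf-8", "surrogateescape"))
        total += count
    return total

if __name__ == "__main__":
    for hit in scan("."):  # report only; call repoint(".") to apply the change
        print(*hit, sep=":")
```

Run it from a version-controlled checkout so the output of `repoint` can be reviewed as a diff before deployment. References stored in a database (for example by a WordPress plugin or theme option) are not covered by a file scan and need a separate search.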

See the full article here: Remove Polyfill.io code from your website immediately • The Register

Contact ILLÜM Advisors for a quick sanity check to make sure you are protected

 Schedule a conversation with iLLÜM Advisors today.
