Understanding the Recent Hack of Polyfill.io: What Website Owners Need to Know

In a significant and alarming development, over 100,000 websites have been impacted by a supply chain attack involving Polyfill.io, a popular JavaScript CDN service. This attack has raised concerns and questions among website owners and developers alike. Here’s what happened and what it means for your website.

What Happened?

Earlier this year, a Chinese company named Funnull acquired the domain polyfill.io. Soon after, researchers discovered that the CDN was delivering malicious JavaScript code to websites embedding scripts from cdn.polyfill.io. This code redirected mobile visitors to scam sites and injected malware into their devices.

The domain polyfill.io has been shut down by its registrar, Namecheap, but the service owners have relaunched it on a new domain, polyfill.com. Despite their claims of being “maliciously defamed” and insisting that there are “no supply chain risks,” security experts and findings suggest otherwise.

 

What This Means for Website Owners

  1. Potential Security Risks: If your website uses scripts from the old Polyfill.io domain, your visitors could have been exposed to malware. This could lead to loss of trust, data breaches, and potential legal liabilities.
  2. Immediate Action Required: It’s crucial to check your website’s code for any references to cdn.polyfill.io and replace them with safer alternatives.
  3. Impact on SEO and Advertising: Google has started notifying advertisers that their landing pages might be contaminated with malicious scripts from Polyfill.io, potentially redirecting visitors without the website owner’s knowledge.
  4. Trust and Credibility Issues: Using a compromised service like Polyfill.io can damage your website’s reputation. Visitors who encounter security warnings or malware issues may lose trust in your brand.

How to Protect Your Website

  1. Audit Your Code: Immediately audit your website’s code for any references to cdn.polyfill.io. Replace them with trusted alternatives like those provided by Cloudflare and Fastly.
  2. Implement Security Measures: Use Content Security Policy (CSP) and Subresource Integrity (SRI) to prevent similar attacks in the future. These tools help ensure that only authorized scripts run on your site.
  3. Stay Informed: Regularly update yourself on security threats and best practices. Subscribe to security bulletins and follow trusted sources for the latest information.
  4. Consult Security Experts: If you’re unsure about how to secure your site or need a thorough audit, consider reaching out to cybersecurity experts.

 

Worried about your website’s security? Contact us today for a free security audit. Ensure your site is safe and secure from potential threats.

 

Moving Forward

The Polyfill.io incident is a stark reminder of the vulnerabilities that come with using third-party services. As a website owner, it’s essential to be vigilant and proactive about security. Regular audits, implementing robust security measures, and staying informed can help protect your site and your visitors.

 

"*" indicates required fields

Contact Us for a Free Consultation

Name*

 

Remember, security is not a one-time task but an ongoing process. By taking the right steps now, you can safeguard your website against future threats and maintain the trust and confidence of your visitors.

 

Read More on this attack with the following articles

https://www.sonatype.com/blog/polyfill.io-supply-chain-attack-hits-100000-websites-all-you-need-to-know

https://sansec.io/research/polyfill-supply-chain-attack

https://www.bleepingcomputer.com/news/security/polyfill-claims-it-has-been-defamed-returns-after-domain-shut-down/