Formerly legitimate Polyfill.io domain abused to serve malicious code
- by nlqip
“The malicious code dynamically generates payloads based on HTTP headers, activating only on specific mobile devices, evading detection, avoiding admin users and delaying execution,” according to c/side.
Some of the doctored JavaScript files include a fake Google analytics link that redirects users to sports or pornography websites. As c/side warns, the content being served up could easily be changed to something more malign, perhaps something that subverted users’ browsing experience or stole their data.
Visitors to as many as 100,000 websites might be at risk of attack, according to c/side.
Source link
lol
“The malicious code dynamically generates payloads based on HTTP headers, activating only on specific mobile devices, evading detection, avoiding admin users and delaying execution,” according to c/side. Some of the doctored JavaScript files include a fake Google analytics link that redirects users to sports or pornography websites. As c/side warns, the content being served up…
Recent Posts
- NetApp CEO Says Don’t Call NetApp A Storage Company
- CISA proposes new security requirements to protect govt, personal data
- Unisys, Check Point, Mimecast, Avaya Fined By SEC Over SolarWinds-Related Breaches
- Lenovo ISG Leader Says ‘Meet-In-The-Channel’ AI Solutions Made For Partners To Deliver Value
- Google Voice scams: What are they and how do I avoid them?