
Polyfill.io and security concerns deepen

The large supply chain attack involving polyfill.io, which has begun spreading malicious code to websites and may impact considerably more than the 100,000 sites initially predicted, is the subject of this week's threat report. We also talk about a typical package delivery scam and a phishing attack using document sharing. ConcealBrowse shields users from dangerous websites and phishing attempts by efficiently detecting and taking action against these threats using sophisticated heuristics and intelligence from security vendors.


Sansec revealed on June 25th that customers were receiving malware from polyfill[.]io, a website that was previously benign and used to support websites with popular scripts. Visitors to websites that were infected with the code would be forwarded to malicious pages, endangering their devices and personal data. Domains tied to major companies like Warner Bros, Hulu, Mercedes-Benz, and Pearson were found to reference the malicious endpoint.


Additional investigation has revealed that the number of compromised websites during this supply chain attack may be significantly larger than the previous estimate of 100,000. It is recommended that website managers make sure that all references to *.polyfill.js are changed to safe substitutes. ConcealBrowse uses heuristics and information from other security vendors to safeguard consumers by interfering with potentially infected websites.
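One way to carry out the recommendation above is to scan page source for script and link references whose host is polyfill.io or one of its subdomains. This is an added Python example, not code from Sansec or Conceal; the function names and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Domain named in the report; its subdomains are matched as well.
FLAGGED_DOMAIN = "polyfill.io"

class ResourceRefs(HTMLParser):
    """Collect (line, tag, url) for every src/href attribute in a page."""
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "href") and value:
                self.refs.append((self.getpos()[0], tag, value.strip()))

def host_of(url):
    """Host of a URL, handling protocol-relative (//host/path) references."""
    if url.startswith("//"):
        url = "https:" + url
    try:
        return (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:  # malformed URL, e.g. an unclosed IPv6 bracket
        return ""

def find_flagged_refs(html, domain=FLAGGED_DOMAIN):
    """Return refs whose host is the domain itself or one of its subdomains."""
    parser = ResourceRefs()
    parser.feed(html)
    hits = []
    for line, tag, url in parser.refs:
        host = host_of(url)
        # Compare on the host, not the raw string, so look-alikes do not match.
        if host == domain or host.endswith("." + domain):
            hits.append((line, tag, url))
    return hits

# Constructed sample page, not taken from any real site.
SAMPLE = """<html><head>
<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>
<script src="//POLYFILL.io/v3/polyfill.js?features=fetch"></script>
<link rel="preconnect" href="https://polyfill.io">
<script src="https://polyfill.io.example/lib.js"></script>
<script src="/static/js/polyfill.io.js"></script>
</head></html>"""

if __name__ == "__main__":
    for line, tag, url in find_flagged_refs(SAMPLE):
        print(f"line {line}: <{tag}> references {url}")
```

Matching on the parsed host catches protocol-relative and mixed-case references while leaving a self-hosted file that merely has "polyfill.io" in its path unflagged.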


This URL was first seen by security vendors in June and was detected by ConcealBrowse on July 2nd. Initially, only one security vendor was reporting the site as phishing, but fifteen vendors are now flagging the site. ConcealBrowse intervened with a 31% risk assessment due to brand impersonation and suspicious behavior.


This site is involved in a document sharing phishing attack. The attack usually occurs when a user receives a deceptive email, typically from a contact they recognize. The email contains a link to a document that they are told to view with urgency. The phishing page states the user must validate their credentials before being permitted to view the document. While the page is in an isolated session, all keyboard input is blocked. This means that users cannot enter their credentials into phishing pages, keeping their accounts safe from compromise.


Valuable Outcomes


As these recent threat reports exemplify, "ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing their online activities are shielded from potential harm".


Sign Up for Free Licenses of ConcealBrowse


Join our growing list of clients using Conceal today and fortify your online security for free! Discover how ConcealBrowse provides essential browser-based threat protection, intercepting threats others miss and offering early intervention for advanced security. Protect your network from 100% of email and browser threats with ConcealBrowse.


Get started today at https://mwltec.com/concealbrowse



