← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Polyfill supply chain attack hits 100K+ sites
WHITE bluenumberone 2024-06-26 Modified: 2024-06-26
8
IOCs
LOW VOLUME
A security firm, Sansec Forensics, has decoded malware injected into more than 100,000 web sites by the new owner of the Polyfill JS project, which inject malware into users' devices.
kuurzabitgetpolyfillscangooglesansec watchproduct pricingupdate junesanseciswin0x5ae1f8datemagentojunefebruarywin32window
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (8)
All URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://kuurza.com/redirect?from=bitget 2024-06-26
URL https://www.googie-anaiytics.com/ga.js 2024-06-26
URL https://www.googie-anaiytics.com/html/checkcachehw.js 2024-06-26
domain ecomscan.com 2024-06-26
domain kuurza.com 2024-06-26
hostname www.dxtv1.com 2024-06-26
hostname www.googie-anaiytics.com 2024-06-26
hostname www.ys752.com 2024-06-26
References (1)
↗ https://sansec.io/research/polyfill-supply-chain-attack