- cross-posted to:
- news@lemmy.world
- cross-posted to:
- news@lemmy.world
You must log in or register to comment.
[…] code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites.
I wonder if the intent was to actually send users to these sites, or to generate bogus clicks on ad links.
Seems like a lot of effort to go through just to drive a little extra traffic to some random porn sites.
Could also have been a test run
Maybe to see how quickly it was noticed? Yeah, possibly
A very expensive test run
Imagine the face of the state sponsored attacker that ordered to spend hundreds of thousands of dollars for this supply chain attack to happen and then it’s all wasted to send a few visitors to a porn site
Cloudflare’s (pretty good IMO) response was pretty indicative of how bad this was. It sounded a lot to me (without that low level of familiarity of exactly everything they offer) like they specifically built some new tooling just to handle this issue at scale. They definitely said that changing links on pages (without an opt in for free users, who generally are less advanced/serious) is not something that they want to do, which is good, but I do think this specific scenario justified defaulting to enabled for customers who aren’t paying for the service.