This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

02 Malware Polyfill.io detected on Payments page-

Kreba
Level 1: Joiner
  • 6 Posts
  • 1 Topics
  • 0 Solutions
Registered:

‎01-08-2024 16:35

‎01-08-2024 16:35

Logged in, to check balance then looked at add balance payments and immediatly my malware detection program found cdn.polyfill.io code trying to inject itself into my browser JS . seems your website has a problem - The JavaScript CDN service Polyfill.io is being used for spreading malicious code redirecting users to third-party websites

Message 1 of 13
969 Views
0 Kudos
12 REPLIES 12

Bambino
Level 85: Esteemed
  • 24193 Posts
  • 1054 Topics
  • 3793 Solutions
Registered:

‎01-08-2024 16:43

‎01-08-2024 16:43

@Kreba This is not O2. This is a customer community. I will tag our community manager.

@Kei-M_O2 can you please look into this?

I DO NOT WORK FOR O2



Funniest-Thread-2
Message 2 of 13
754 Views

Kreba
Level 1: Joiner
  • 6 Posts
  • 1 Topics
  • 0 Solutions
Registered:

‎01-08-2024 17:25

‎01-08-2024 17:25

I went the Contact us route to see if I could send an email about the malware detection however the only Help and Support links are about accounts, devices and contracts nothing about the website itself, So I tried with asking a virtual assistant which brought me to a screen where it said start a discussion which brought me here. So I take it that theres no way to report this - other than here?

Message 3 of 13
734 Views
0 Kudos

Bambino
Level 85: Esteemed
  • 24193 Posts
  • 1054 Topics
  • 3793 Solutions
Registered:

‎01-08-2024 17:54

‎01-08-2024 17:54

@Kreba All ways to contact O2 can be found here: How to find help & contact O2: A Guide - O2 Community

I don't know how much good that will do to help you.

I DO NOT WORK FOR O2



Funniest-Thread-2
Message 4 of 13
720 Views

bhaskarsamani
Level 2: Apprentice
In response to Kreba
  • 57 Posts
  • 2 Topics
  • 0 Solutions
Registered:

‎01-08-2024 17:57

‎01-08-2024 17:57

contact o2 on 0344 809 0202 

Message 5 of 13
718 Views
0 Kudos

Kreba
Level 1: Joiner
  • 6 Posts
  • 1 Topics
  • 0 Solutions
Registered:

‎01-08-2024 18:07

‎01-08-2024 18:07

Took some digging, after many redirects and rabbit holes I've found the CyberSecReport@o2.com and posted there, Whether it would help or fix anything, I don't feel safe going to the top up page anymore from news articles from just a few months back shows the Polyfill-io supply chain attacks affecting payment sites I'll just top via voucher instead. 

Message 6 of 13
709 Views
0 Kudos

pgn
Level 77: Grand Master
In response to Kreba
  • 39182 Posts
  • 243 Topics
  • 1778 Solutions
Registered:

‎01-08-2024 18:14

‎01-08-2024 18:14

A bit of background on this particular threat, for info:

https://blog.redsift.com/news/understanding-the-polyfill-io-domain-attack/

Links to O2 Social Media Team here
NoAccountAccess

O2CommunityAward


Message 7 of 13
703 Views

Kei-M_O2
Community Manager
Community Manager
In response to pgn
  • 102 Posts
  • 5 Topics
  • 0 Solutions
Registered:

‎02-08-2024 09:48

‎02-08-2024 09:48

Thanks all, I've raised this with one of our security teams to investigate. I'll let you know if we need any further information in the meantime.

Message 8 of 13
620 Views

Kei-M_O2
Community Manager
Community Manager
In response to Kei-M_O2
  • 102 Posts
  • 5 Topics
  • 0 Solutions
Registered:

‎02-08-2024 10:48

‎02-08-2024 10:48

@Kreba can you give me a link to the page?

Message 9 of 13
604 Views
0 Kudos

Kreba
Level 1: Joiner
  • 6 Posts
  • 1 Topics
  • 0 Solutions
Registered:

‎02-08-2024 12:18 - edited ‎02-08-2024 12:23

‎02-08-2024 12:18 - edited ‎02-08-2024 12:23

@Kei-M_O2  Site URL - myo2payg.o2.co.uk - detection program found a redirect script from cdn.polyfill io - It's the top up page so https://myo2payg.o2.co.uk/webtopup/details?journey=signedIn&disambiguation_id=a926f33b-cf9b-44f0-bf5...

Message 10 of 13
570 Views
Top Kudoed Authors
View all
Top