Detect polyfill.io and Funnull CDN malware on GitHub Pages and arbitrary websites
Project description
bootlegg
Detect GitHub Pages sites loading scripts from Funnull-controlled CDNs — polyfill.io, BootCSS, BootCDN, Staticfile, and a growing set of typosquat fronts.
Our scan found 1,960 GitHub Pages sites still loading malicious CDN scripts as of June 2026: 786 via polyfill.io (weaponized June 2024), 1,191 via Funnull's BootCSS / BootCDN / Staticfile CDNs (malicious since June 2023, OFAC-sanctioned May 2025). Infected sites collectively carry over 530,000 GitHub stars — including microsoft/AirSim (18k ⭐), deeplearning-ai/machine-learning-yearning-cn (7.8k ⭐), and CyC2018/CS-Notes (184k ⭐), the primary technical interview reference for Chinese software engineers.
Install
pip install bootlegg
Or run directly without installing:
python3 -m bootlegg https://user.github.io/repo/
Usage
bootlegg https://user.github.io/repo/
For github.io URLs, bootlegg automatically finds the source repo and runs two checks:
- Source scan — searches GitHub Code API for CDN references in the repo's files
- Live crawl — fetches the site (mobile UA + desktop fallback), walks linked pages
up to
--max-pages(default: 30), and scans each for malicious script tags
# GitHub token raises source scan from 10 → 30 req/min
bootlegg https://user.github.io/repo/ --token ghp_xxx
# or: export GITHUB_TOKEN=ghp_xxx
# Any site (no GitHub source search)
bootlegg https://example.com --no-github
# Single-page check, no crawl
bootlegg https://user.github.io/ --max-pages 1
# JSON output for scripting; exits 1 if infected
bootlegg https://user.github.io/ --json | jq .summary
What it detects
| CDN | Status | Notes |
|---|---|---|
| polyfill.io | Malicious | Acquired by Funnull Feb 2024; malware injected Jun 2024 |
| cdn.polyfill.io | Malicious | Same domain, different subdomain |
| polyfill.cn / polyfill.com | Malicious | Mirror / typosquat |
| bootcss.com | Malicious | Confirmed Funnull operator; malicious since Jun 2023 |
| bootcdn.net | Malicious | Confirmed Funnull operator |
| staticfile.org / staticfile.net | Malicious | Confirmed Funnull; OFAC-sanctioned May 2025 |
| jquecy.com | Malicious | Typosquats jQuery |
| jsdclivr.com | Malicious | Typosquats jsDelivr |
| clondflare.com | Malicious | Typosquats Cloudflare |
| bytedauce.com | Malicious | Typosquats ByteDance |
| bdustatic.com | Malicious | Typosquats BDU Static |
| ailyunoss.com | Malicious | Typosquats Alibaba Cloud OSS |
| cdn1.ai | Suspected | Post-sanction Funnull front, stood up Jun 2025 |
| bolecnd.com | Suspected | Post-sanction Funnull CDN front |
| yunray.ai | Suspected | Post-sanction Funnull CDN front |
| cdn5.com | Suspected | Post-sanction Funnull CDN front |
| ctgcdn.com | Suspected | Post-sanction Funnull CDN front |
| macoms.la / unionadjs.com | C2 infra | Funnull redirect / C2 infrastructure |
Fix
bootlegg can automatically patch local files:
# Scan a local directory and show what would change
bootlegg ./my-site
# Apply fixes in-place (originals backed up as <file>.bak)
bootlegg ./my-site --fix
# Or a single file
bootlegg index.html --fix
Auto-replacements applied by --fix:
| Malicious CDN | Safe replacement |
|---|---|
| polyfill.io / polyfill.cn / polyfill.com | polyfill-fastly.io (drop-in) |
| bootcss.com / bootcdn.net | cdnjs.cloudflare.com |
| staticfile.org / staticfile.net | cdnjs.cloudflare.com* |
* staticfile.org uses /{lib}/{ver}/ paths vs. cdnjs's /ajax/libs/{lib}/{ver}/ — verify those URLs load after fixing.
Typosquats and C2 infrastructure (macoms.la etc.) are flagged but not auto-replaced — remove those <script> tags manually.
Scan data
infected_sites.md — 1,960 GitHub Pages sites confirmed
loading malicious CDN scripts across two June 2026 scans (subdomain BFS crawl up to 30 pages
per site + Sourcegraph-based discovery).
Background
In February 2024, the polyfill.io domain was acquired by Funnull Technology Inc., a Chinese CDN operator. In June 2024, Cloudflare and Sansec discovered that Funnull had modified the served JavaScript to inject malware targeting mobile browsers — redirecting users to gambling and adult sites via fake browser-update popups. Over 100,000 sites were affected globally at peak.
Sansec and Censys later confirmed (via shared Cloudflare account credentials) that BootCSS, BootCDN, and Staticfile are operated by the same entity and had been injecting malicious code since at least June 2023, a year before the polyfill incident became public. The US Treasury sanctioned Funnull / Triad Nexus in May 2025.
References:
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file bootlegg-0.2.0.tar.gz.
File metadata
- Download URL: bootlegg-0.2.0.tar.gz
- Upload date:
- Size: 13.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fc53bc8f4c5763db80ce573c1a4d122534d5891c093c91c8bdb3f58676ed6aa3
|
|
| MD5 |
167553362d63170994cae92cd3da7775
|
|
| BLAKE2b-256 |
71f1889e7fbdb7155925ec300c849d2efdbdfd770baf676039fb70fa14bfaebb
|
File details
Details for the file bootlegg-0.2.0-py3-none-any.whl.
File metadata
- Download URL: bootlegg-0.2.0-py3-none-any.whl
- Upload date:
- Size: 11.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3020e5fce0e28cafa7e92032664061a10481bcece3b5fc7359b1f7c8960754b1
|
|
| MD5 |
979b8ac806ad2504a1980899853fa334
|
|
| BLAKE2b-256 |
3808ab1471da47391000cd425f881ccb417ef88cf9a82accf66e07799d857044
|
