Remember our CDN alert? We do too!


Back on 15 May 2017, Jigsaw Security put out a bulletin (JS-006-17) Trojaned CDN Downloaders. We put out this alert because some of our customers were getting hit with malware when downloading common programs such as Firefox and VLC Media player as examples. What is interesting is that we have not seen the media report on any of these issue, until today.

This morning when researching what is occuring within the security space we came upon two separate articles discussing an incident in Brazil that looked extremely similar to our findings back in may. We put out a bulletin, generated IOC's and pushed those protections to our customers back in May. Today we updated that same information. What is troubling is that it took the industry 4 months to detect this activity even though we warned them.

Reference Documents:

WeLiveSecurity - DownAndExec: Banking malware utilizes CDNs in Brazil

SecurityWeek Article: New Attack Uses CDN to Spread Malware

Over the last 4 months we have been observing the activity and estimate nearly 1.2 million infections during that time and the sad part is that they could have been prevented. We have to question if the executive order that authorized sharing is working. In fact we have been waiting for months and months for approvals needed to get us involved in the process. Until the smaller firms that have the data are included, it's just a pipe dream.

Need to protect your environments? The Jigsaw FirstWatch sensor can stop the infection chain without an endpoint agent. Read about our protection here.

#CDN

0 views

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.