YUMPU domain seen heavily flooding malware


Over the last several days we have been reporting to other threat intelligence providers and partners that YUMPU domain that has been seen sending massive amounts of phishing and malware links. We thought we would sound the alarm publicly.

All Jigsaw Security protected customers have had this data for awhile now and all traffic to this domain has been sinkholed. Additional information is available in the JIgsaw Threat Intelligence and Jigsaw Intel Platform for review.


What is interesting is the eFax thesem but when hovering over the link it shows a docusign link that actually forwards to the yumpu domain. Be safe out there.


IOCS:

yumpu[.]com

yumpu[.]com/xx/document/view/xxxxxxxx/e-fax-document-received


The x's are usually a random string of numbers 8 digits in length.


2 views

Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2020 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business