top of page
Writer's pictureSecurity Operations

YUMPU domain seen heavily flooding malware


Over the last several days we have been reporting to other threat intelligence providers and partners that YUMPU domain that has been seen sending massive amounts of phishing and malware links. We thought we would sound the alarm publicly.

All Jigsaw Security protected customers have had this data for awhile now and all traffic to this domain has been sinkholed. Additional information is available in the JIgsaw Threat Intelligence and Jigsaw Intel Platform for review.


What is interesting is the eFax thesem but when hovering over the link it shows a docusign link that actually forwards to the yumpu domain. Be safe out there.


IOCS:

yumpu[.]com

yumpu[.]com/xx/document/view/xxxxxxxx/e-fax-document-received


The x's are usually a random string of numbers 8 digits in length.


110 views0 comments

Recent Posts

See All

Comments


bottom of page