Jump to content

Chandramathi

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi Team, Is the block removed? We've a few customers report it now too.
  2. Thank you for your reply. This is the error response we received {"@timestamp": "2021-08-09T04:54:15.568Z", "message": "ANY: Just matched "files.zohoexternal.com" in database: "mbgc.db.trojan.2", "level": "INFO"} files.zohoexternal is the domain used in WorkDrive for serving upload and download functionalities.
  3. Hi Team, We, Zoho WorkDrive are a Cloud based Content Collaboration Software provided by Zoho Corporation; check this link - https://www.zoho.com/workdrive/ for more details. Our product has a feature which allows files/folders uploaded to WorkDrive and can be shared to everyone on the internet by generating an external link for the file. These links are hosted in a domain https://workdrive.zohoexternal.com /https://files.zohoexternal.com owned by ZohoCorporation. The former is used for file preview and the later is used for file download We learnt that MalwareBytes Browser Guard extension is not allowing users to download files from WorkDrive Here are the steps we perform to ensure that malware content does not get hosted from Zoho WorkDrive 1. We have an Anti Virus scan in place which validates the files during upload. This ensures that most malware cannot be uploaded to the cloud at all. 2. We also have a spam and fraudulence detection algorithm in place which identifies if the uploaded files are phishing documents. This means most spamming documents get filtered out as virus and never get published. We also regularly monitor abuse complaints from our customers to ensure that the few links that were missed to be captured by our mitigation steps are duly pulled down. Despite our best efforts to identify virus/spam and spammers a few spam files do get published from WorkDrive and in such unfortunate instances the entire domain gets blocked. We'd like to know if the domain can be classified as a "Content Collaboration" site so that in future instances the domain will not get blocked. Here is the VirusTotal classification of our site - https://www.virustotal.com/gui/url/08784a4d360a5bfe88af4bb372d0550c3f4cb40775ce230a4f1e4cc0394b52c0/detection . Regards, Chandramathi M
  4. It was previously discussed here too WorkDrive is for businesses to save their files and share them securely. It is a Content collaboration on the cloud solution a blanket ban on any of our domains can affect hundred thousands of users.
  5. Is there an option to change the reputation of the domain "zohoexternal" to a "Content collaboration" site? All files hosted here doesn't belong to Zoho but customers of Zoho. We're a document management store. When one user uploads a malicious file, thousands of other users can't access our service because the entire domain gets blocked. Is there a means to skip this?
  6. We've pulled down the virulent file from our end. Will you be able to unblock the domain now?
  7. Hi Team, We, Zoho WorkDrive are a Cloud based Content Collaboration Software provided by Zoho Corporation; check this link - https://www.zoho.com/workdrive/ for more details. Our product has a feature which allows files/folders uploaded to WorkDrive and can be shared to everyone on the internet by generating an external link for the file. These links are hosted in a domain https://workdrive.zohoexternal.com /https://files.zohoexternal.com owned by ZohoCorporation. The former is used for file preview and the later is used for file download (here is a sample link the file downloaded is an image and is not virulent). We learnt that MalwareBytes Browser Guard has categorised this domain as a phishing site and our customers receive alerts (I've attached screenshots of the same). Can you declassify the domain "https://*.zohoexternal.com as non-malicious so that our customers will be able to access the domain without any hassles. Here are the steps we perform to ensure that malware content does not get hosted from Zoho WorkDrive 1. We have an Anti Virus scan in place which validates the files during upload. This ensures that most malware cannot be uploaded to the cloud at all. 2. We also have a spam and fraudulence detection algorithm in place which identifies if the uploaded files are phishing documents. This means most spamming documents get filtered out as spam and never get published. We also regularly monitor abuse complaints from our customers to ensure that the few links that were missed to be captured by our mitigation steps are duly pulled down. Despite our best efforts to identify spam and spammers a few spam files do get published from WorkDrive and in such unfortunate instances the entire domain gets blocked. We'd like to know if the domain can be classified as a "Content Collaboration" site so that in future instances the domain will not get blocked. Regards, Chandramathi M
  8. Hi @gonzo, Thank you for delisting and can you let us know why the domain was blacklisted?
  9. Hi @Dashke Is it possible to remove the warning sign that appears for the"tdrive.li" domain?
  10. Hi @redwolfe_98, Thank you for sharing your comments. I'd like to inform you that the shortened_url domain itself is not a malicious site and here are the steps we perform to ensure that malware content does not get hosted from Zoho WorkDrive : 1. We do have an Anti Virus scan in place which validates the files during upload. So most malwares can not be uploaded to the cloud at all. 2. We also do have a spam and fraudulence detection algorithm in place which identifies if the uploaded files are phishing documents. So most spamming documents do get filtered out as spam and never get published. Despite our best efforts to identify spam and spammers a few spam files did get published which were duly pulled down. So we do think presence of one or two links should not cause the entire domain "tdrive.li" to be considered a threat. Rather the individual link that had the spam file can be considered a threat.
  11. Hi @Dashke, This was reported by some of our customers. Will try to gather necessary information from them and get back to you.
  12. We, Zoho WorkDrive are a Cloud based Content Collaboration Software provided by Zoho Corporation; check this link - https://www.zoho.com/workdrive/ for more details. Our product has a https://help.zoho.com/portal/kb/articles/external-file-sharing-in-team-folder#To_share_a_file_externally_from_a_Team_Folder which allows files/folders uploaded to WorkDrive and can be shared to everyone on the internet by generating an external link for the file. These hyperlinks are shortened links such as this one https://tdrive.li/J8HFH_WorkDriveDemo. Recently some of our customer complained that the following domain https://tdrive.li has been blocked by malwarebytes. Is it possible to whitelist the mentioned domain? And also can you let us know why the above domain has been blacklisted/blocked by malwarebytes?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.