Jump to content

Malwarebytes successfully blocking Outlook access to potentially malicious


guyg1

Recommended Posts

I am getting a pop up about once every time i send and receive on outlook 2016 reporting that Malwarebytes is blocking access to a potentially malicious

Category: Unspecified
Domain: u1214497.ct.sendgrid.net
IP Address: 167.89.118.35
Port: [52538]
Type: Outbound
File: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE

 

its been this way for a few days now and i get the popup 10 to 20 times a day

malware.txt

Link to post
Share on other sites

Thanks for this report, this should be resolved in our next database update. We put a  block on the domain due to some traffic coming from there, but have reduced it to block a specific subdomain of this primary domain

UPDATE

The block is being removed.

We're doing some more research into this and seeing strange traffic on this site which may warrant a full block. Before we do that though, we're trying to gather some information. Most likely this email is being used in an email campaign, which is why it's showing up in outlook. If possible, would anyone be willing to export an email that seems to be triggering this detection and send it to dcollins@malwarebytes.com so we can research it? Thanks

Edited by dcollins
Link to post
Share on other sites

We are curious to know why an idle Outlook program is trying to reach out to these blocked sites??  The user wasn't even using her laptop at the time and so strikes us as very strange behavior.  Is Malwarebytes Endpoint Protection perhaps analyzing emails landing in the Junk folder, triggering a block?

Link to post
Share on other sites

This started a few days ago.  I'm getting malicious popups also.  Mainly from NextDoor Neighborhood Support email to me:  help@hs.email.nextdoor.com

Also, I cannot access: sendgrid.net    Can't someone fix this?  It appears from this thread (and possibly others I haven't checked) that this is an ongoing "NEW" problem.  I hope it is fixed soon. 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.