Jump to content

dw3i9sxi97owk.cloudfront.net is a False Positive

Stavros

By Stavros
in Website Blocking

 Share

Recommended Posts

Stavros

Stavros

Posted
Posted

Hi,

I am member of the team responsible for running https://www.peopleperhour.com and our users are telling us that our CloudFront domain ( dw3i9sxi97owk.cloudfront.net ) is being blocked by malwarebytes premium. This domain fronts a AWS S3 bucket where we upload "user generated content" such as profile avatar images and user portfolio items. Although we use a virus scanner, it is possible that a malicious user has uploaded malware to our CloudFront domain - we will be sure to remove anything suspicious immediately if you are aware of anything? It is in our interests this domain is clean and we certainly want to protect our users. The overwhelming majority of files will be safe so blocking the whole domain isn't necessary and makes our website ugly to malwarebytes users.

we had a similar problem in the past. ref. https://forums.malwarebytes.com/topic/247879-dw3i9sxi97owkcloudfrontnet-is-a-false-positive 

As we were mentioned in the previous case we had, most of the files reported are only marked as malware by 1 engine, "Yandex Safebrowsing" and seem to be false positive any other file that is reported from more malware engines are already removed from our internal AV system. 

ref. https://www.virustotal.com/gui/domain/dw3i9sxi97owk.cloudfront.net/relations

Please let me know if there is something more to do to become unblocked by your system.

 

Regards, 

Stavros F.

 

Link to post
Share on other sites
  • Staff
TeMerc

TeMerc

Posted
  • Staff
Posted
2 hours ago, Stavros said:

Hi,

I am member of the team responsible for running https://www.peopleperhour.com and our users are telling us that our CloudFront domain ( dw3i9sxi97owk.cloudfront.net ) is being blocked by malwarebytes premium. This domain fronts a AWS S3 bucket where we upload "user generated content" such as profile avatar images and user portfolio items. Although we use a virus scanner, it is possible that a malicious user has uploaded malware to our CloudFront domain - we will be sure to remove anything suspicious immediately if you are aware of anything? It is in our interests this domain is clean and we certainly want to protect our users. The overwhelming majority of files will be safe so blocking the whole domain isn't necessary and makes our website ugly to malwarebytes users.

we had a similar problem in the past. ref. https://forums.malwarebytes.com/topic/247879-dw3i9sxi97owkcloudfrontnet-is-a-false-positive 

As we were mentioned in the previous case we had, most of the files reported are only marked as malware by 1 engine, "Yandex Safebrowsing" and seem to be false positive any other file that is reported from more malware engines are already removed from our internal AV system. 

ref. https://www.virustotal.com/gui/domain/dw3i9sxi97owk.cloudfront.net/relations

Please let me know if there is something more to do to become unblocked by your system.

 

Regards, 

Stavros F.

 

Hello, thanks for bringing this to our attention. We've reviewed the site again and have determined it no longer warrants being blocked so we've removed it from our database.

Removal should be reflected in the next database update going out in a few hours or so.

Link to post
Share on other sites
  • TeMerc locked this topic
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.