There are about 14 PC's on our network that are regularly trying to reach sync.bfmio.com and other bfmio.com url's. These attempts are being blocked by the content filter, which is great, but I am struggling to figure out what is generating this traffic in the first place. Has anyone dealt with this before?
Try disabling all the extensions in the browers except for the ones from reputable companies that you recognise.
We've started getting this, as well. A little digging points to Beachfront Media LLC on Amazon servers, which isn't saying much. Not sure what the root of this is, yet, or why machines are trying to reach and ostensibly sync with them.
Domain Name: BFMIO.COM
Registry Domain ID: 1906911790_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: http://www.godaddy.com
Updated Date: 2015-03-03T19:29:09Z
Creation Date: 2015-03-03T19:29:09Z
Registrar Registration Expiration Date: 2020-03-03T19:29:09Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: +1.4806242505
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited http://www.icann.org/epp#clientUpdateProhibited
Domain Status: clientRenewProhibited http://www.icann.org/epp#clientRenewProhibited
Domain Status: clientDeleteProhibited http://www.icann.org/epp#clientDeleteProhibited
Registrant Organization: Beachfront Media LLC
Registrant State/Province: Florida
Registrant Country: US
Registrant Email: Select Contact Domain Holder link at
Admin Email: Select Contact Domain Holder link at
Tech Email: Select Contact Domain Holder link at
Name Server: NS-381.AWSDNS-47.COM
Name Server: NS-663.AWSDNS-18.NET
Name Server: NS-1494.AWSDNS-58.ORG
Name Server: NS-1643.AWSDNS-13.CO.UK
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
I've been tracking this for the past few months. My research hasn't come up with anything specific. Scans with ESET and MalwareBytes on reported devices hasn't come up with anything. I've seen it come up on fresh installs of Win 10 1809 as well.
My best guess is that it's a regular ad tracker, possibly used by Amazon or just hosted on AWS.
It seems to be a browser plugin:
I don't think so. I'd be wary of downloading from random "cleanup" links.
Install an ad blocker for affected users. The events go away.
Bleeping Computer is not random.
I had bfmio on several computers on our network and they were all related to chrome.
This is not necessarily related to Chrome. I have a number of machines with no Chrome installations where this activity manifests.
Beachfront Media serves up video and advertising. This is likely related to one of the apps Win10 will sometimes add seemingly at random. As stated further up the thread, a good ad-blocker should resolve the issue. Alternatively, manually set the domain in the Blocked URL patterns if you don't mind it clotting up the logs and want to be sure it continues to be blocked.
ADW Cleaner from Publisher:
In Chrome: ( https://support.google.com/chrome/answer/2765944?co )