Last Mile Reassembly Attacks occur when malicious components are assembled directly in the victim's browser, bypassing traditional network security solutions like Secure Web Gateways (SWG). In many cases, a file download event is not even triggered and the SWG is blind to it. In this case, SquareX detects the malicious payload at the last mile, be it a file download, upload or phishing site.
This attack takes advantage of the fact that Secure Web Gateways (SWGs) don't inspect certain protocols like WebRTC, WebSockets, WebTransport, and gRPC. While SWGs recommend blocking these protocols, doing so can break functionality for websites that depend on them. Attackers exploit this gap by using these channels to deliver malicious payloads directly to the client, bypassing traditional inspection methods. With SquareX, organisations can detect these malicious files at the last mile before it hits the user's disk.
This attack takes advantage of the fact that Secure Web Gateways (SWGs) don't inspect certain file types, like WebAssembly Modules, SVGs, CSS, JS, Images and so on. Attackers smuggle malware through these files and a client-side script extracts the malicious file. With SquareX, organisations can detect these malicious files at the last mile before it hits the user's disk.
A malicious file can be split into many parts and sent over the network. This attack takes advantage of the fact that Secure Web Gateways (SWGs) are not context aware and do not know if multiple download requests are originating from the same browser tab. With SquareX, organisations can detect these malicious files as they get assembled on the last mile, before it hits the user's disk.