Website
*.azurewebsites.net
Phishing
Azure web applications allows users to create a customized subdomain on azurewebsites.net. Attackers abuse this functionality by hosting phishing websites using the azurewebsites.net domain.
Command and Control
Malware such as Almaq have used Azure web applications as their C&C servers.
Exfiltration
Attackers can create web applications with upload functionalities hosted on *.azurewebsites.net and exfiltrate data on there.
Download
Attackers can host malicious tools on applications hosted on *.azurewebsites.net and download them when needed.
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x