Malicious files can be uploaded on gofile.io and then have the direct link shared with targets in phishing attacks.
Command and Control
Attackers can upload data to gofile.io and share the link to themselves to download the exfiltrated data.
Attackers can keep their tools stored on gofile.io and when required, use the direct download link to fetch the tools.
Last Update: 2021-11-13