Website
*.sendspace.com
Tags
Phishing Download Exfiltration
Phishing
Attackers can upload malicious files and share them to targets via SendSpace's email servers. sendspace.com asks for a sender email before sharing the files which allows the attacker to enter a fake email and therefore the files appear to be shared from the fake email. Alternatively, an attacker can grab the direct download link and share it with targets using alternative methods.
Command and Control
None
Exfiltration
Attackers can upload data to sendspace.com and share the link to themselves to download the exfiltrated data. Requires GUI access.
Download
Attackers can keep their tools stored on sendspace.com and when required, use the custom link to download. If the direct link is used then GUI access is not required.
Service Provider
Sendspace
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x