Attackers can upload malicious files and share them to targets via SendSpace's email servers. sendspace.com asks for a sender email before sharing the files which allows the attacker to enter a fake email and therefore the files appear to be shared from the fake email. Alternatively, an attacker can grab the direct download link and share it with targets using alternative methods.
Attackers can upload data to sendspace.com and share the link to themselves to download the exfiltrated data. Requires GUI access.
Attackers can keep their tools stored on sendspace.com and when required, use the custom link to download. If the direct link is used then GUI access is not required.
Last Update: 2021-11-10