Attackers can use Google Translate to masquerade their domain for phishing purposes. The attacker's domain will be transformed to the following format: attacker-site-tld.translate.goog.
Command and Control
None
Exfiltration
None
Download
Attackers can upload files onto their malicious domain, masquerade it with Google Translate and then when required, use the *.translate.goog link to download the tool.