Website
*.web.core.windows.net
Tags
Phishing Download Exfiltration C&C
Phishing
Attackers have the ability to choose a customized subdomain on web.core.windows.net. Attackers abuse this functionality by hosting phishing websites using the web.core.windows.net subdomain.
Command and Control
*.web.core.windows.net can be used as C&C servers.
Exfiltration
Attackers can upload exfiltrated data onto applications hosted on *.web.core.windows.net
Download
Malicious tools can be stored on *.web.core.windows.net and downloaded when required.
Service Provider
Microsoft
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x