Phishing
Attackers can use a customized subdomain of wordpress.com to host their phishing websites.
Command and Control
Attackers have previously used Wordpress as a C&C server.
Exfiltration
Attackers can upload exfiltrated data onto applications hosted on *.wordpress.com.
Download
Malicious tools can be stored on *.wordpress.com and downloaded when required.
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x