Phishing
Attackers can use a *.appdomain.cloud subdomain to host their phishing websites. They can be used for credential harvesting or redirecting users to a malicious websites.
Command and Control
Attackers can use *.appdomain.cloud for C&C purposes.
Exfiltration
Attackers can use *.appdomain.cloud as storage and upload exfiltrated files there.
Download
Malicious tools can be stored on *.appdomain.cloud and downloaded when required.
Created: 2021-11-21
Last Update: 2021-11-21
Credits: Pon