Phishing Download Exfiltration C&C
Attackers have used to store malicious files and then share them with targets. Attackers can also have users redirected to malicious domains via links embedded in certain file types such as PDF.
Command and Control
Dropbox has been used by attackers as C&C servers. The open source tool DBC2 (DropBoxC2) can be used to utilize DropBox as a C&C server.
Exfiltration can be used to store exfiltrated files on there.
Download creates shared links for files which enables attackers to store tools there and download them when required.
Service Provider
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x, @EthanRobish