Attackers can upload malicious files and share them to targets via FileTransfer.io's email servers. filetransfer.io asks for a sender email before sharing the files which allows the attacker to enter a fake email and therefore the files appear to be shared from the fake email.
Attackers can upload data to filetransfer.io and share the link to themselves to download the exfiltrated data. Requires GUI access.
Attackers can keep their tools stored on filetrasnfer.io and when required, use the custom link to download. Requires GUI access.
Last Update: 2021-11-10