Phishing
Attackers can upload malicious files and share them to targets via WeTransfer's email servers. wetransfer.com validates the sender email before using it.
Exfiltration
Attackers can upload data to wetransfer.com and share the link to themselves to download the exfiltrated data. Requires GUI access.
Download
Attackers can keep their tools stored on wetransfer.com and when required, use the custom link to download.
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x