Website
wetransfer.com
Tags
Phishing Download Exfiltration
Phishing
Attackers can upload malicious files and share them to targets via WeTransfer's email servers. wetransfer.com validates the sender email before using it.
Command and Control
None
Exfiltration
Attackers can upload data to wetransfer.com and share the link to themselves to download the exfiltrated data. Requires GUI access.
Download
Attackers can keep their tools stored on wetransfer.com and when required, use the custom link to download.
Service Provider
WeTransfer B.V
Created: 2021-11-10
Last Update: 2021-11-10
Credits: mr.d0x