Online Services Again Abused to Exfiltrate Data, (Tue, Apr 15th)
SANS Internet Storm Center, InfoCON: green 2025-04-15
Summary:
If attackers can abuse free online services, they will do so for sure! Why spend time deploying a C2 infrastructure when there are plenty of ways to use "official" services? Not only do they not cost any money, but the traffic can also be hidden in normal traffic, making it more difficult to detect. A very popular one was anonfiles[.]com. It was so abused that it closed in 2023! [1] A funny fact is that I still see a lot of malicious scripts that refer to this domain. Of course, alternatives popped up here and there, like anonfile[.]la [2].