ioc[.]one - OSINT Cyber Threat Intelligence Database

Targeted Attacks Abusing Google Cloud Platform Open Redirection

Tags

country:	Nepal India Mauritius Philippines South Africa
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Cloud Accounts - T1078.004 Cloud Accounts - T1585.003 Cloud Accounts - T1586.003 Domains - T1583.001 Domains - T1584.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	41fd28e4-eda1-4e2b-972b-780d81e75a7e
Fingerprint	4029db8bbe872d
Analysis status	DONE
Considered CTI value	0
Text language
Published	Jan. 24, 2019, 5 p.m.
Added to db	Jan. 18, 2023, 11:31 p.m.
Last updated	Nov. 17, 2024, 6:30 p.m.
Headline	Targeted Attacks Abusing Google Cloud Platform Open Redirection
Title	Targeted Attacks Abusing Google Cloud Platform Open Redirection
Detected Hints/Tags/Attributes	56/3/17

Source URLs

	Redirection	Url
Details	Source	https://www.netskope.com/blog/targeted-attacks-abusing-google-cloud-platform-open-redirection

URL Provider

Details	Provider	Source level domain
Details	netskope.com	www.netskope.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		appengine.google.com
Details	Domain	2		transef.biz
Details	Domain	707		google.com
Details	Domain	1		pace.edu
Details	Domain	2		ulaval.ca
Details	Domain	1		metacase.eu
Details	Domain	1		ivywise.com
Details	Domain	1		ebf.eu.com
Details	File	2		doc102018.doc
Details	File	1		fr.txt
Details	File	3		csmtp.exe
Details	File	1		%appdata%\roaming\microsoft\26117.txt
Details	Url	1		https://appengine.google.com/_ah/logout?continue=https://transef.biz/doc102018.doc
Details	Url	1		https://appengine.google.com/_ah/logout?continue=https://swptransaction-scan2034.s3.ca-central-1.amazonaws.com/doc102018.doc
Details	Url	1		https://accounts.google.com/logout?continue=https://appengine.google.com/_ah/logout?continue=https://transef.biz/doc102018.doc
Details	Url	1		https://google.com/accounts/logout?continue=https://appengine.google.com/_ah/logout?continue=https://transef.biz/doc102018.doc
Details	Url	1		https://transef.biz