ioc[.]one - OSINT Cyber Threat Intelligence Database

A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Cloud Services - T1021.007 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Phishing - T1660 Phishing - T1566 Sharepoint - T1213.002

Show in Graph

Common Information

Type	Value
UUID	a4a46a0f-fed7-435d-b3f5-710aaa10e43a
Fingerprint	ec128dda0b0e3acd
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 6, 2023, 1 p.m.
Added to db	Oct. 24, 2023, 1:13 p.m.
Last updated	Nov. 18, 2024, 4:35 a.m.
Headline	A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets
Title	A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets
Detected Hints/Tags/Attributes	30/2/25

Source URLs

	Redirection	Url
Details	Source	https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/a-bucket-of-phish-attackers-shift-tactics-with-cloudflare-r2-public-buckets/

URL Provider

Details	Provider	Source level domain
Details	trustwave.com	www.trustwave.com

Attributes

Details	Type	#Events	Value
Details	Domain	6	pages.dev
Details	Domain	18	workers.dev
Details	Domain	9	r2.dev
Details	Domain	1	pub-5e34bcda437b499399d6abc116886480.r2.dev
Details	Domain	1	pub-3f02c99abcf44a4b92babb3b3c5356d6.r2.dev
Details	Domain	1	xxxxxxx.xxx
Details	Domain	1	samtravelsandtours.com
Details	Domain	2	1-d0asfasfjhasfa7979352jhasf.pages.dev
Details	Domain	1	pub-632c9814b1e848d1a7a36091da6c2082.r2.dev
Details	Domain	1	pub-87c999dfbd87410f8077dc99997234be.r2.dev
Details	Domain	10	developers.cloudflare.com
Details	Email	1	pub-3f02c99abcf44a4b92babb3b3c5356d6.r2.dev/index.html?xxx@xxxxxxx.xxx
Details	md5	1	5e34bcda437b499399d6abc116886480
Details	md5	1	3f02c99abcf44a4b92babb3b3c5356d6
Details	md5	1	632c9814b1e848d1a7a36091da6c2082
Details	md5	1	87c999dfbd87410f8077dc99997234be
Details	Url	1	https://pub-5e34bcda437b499399d6abc116886480.r2.dev/indexr.html
Details	Url	1	https://pub-3f02c99abcf44a4b92babb3b3c5356d6.r2.dev/index.html?xxx@xxxxxxx.xxx
Details	Url	1	https://regionalmanagers-my.sharepoint.com
Details	Url	1	https://samtravelsandtours.com/wp-content/uploads/elementor/css/app.php
Details	Url	2	https://1-d0asfasfjhasfa7979352jhasf.pages.dev
Details	Url	1	https://pub-632c9814b1e848d1a7a36091da6c2082.r2.dev/index.html
Details	Url	1	https://pub-87c999dfbd87410f8077dc99997234be.r2.dev/fiv.html
Details	Url	1	https://developers.cloudflare.com/r2
Details	Url	1	https://developers.cloudflare.com/r2/buckets/public-buckets