MITRE ATT&CK / T1583.006
T1583.006
Web Services
Description
Adversaries may register for web services that can be used during targeting. A variety of popular websites exist for adversaries to register for a web-based service that can be abused during later stages of the adversary lifecycle, such as during Command and Control ([Web Service](https://attack.mitre.org/techniques/T1102)), [Exfiltration Over Web Service](https://attack.mitre.org/techniques/T1567), or [Phishing](https://attack.mitre.org/techniques/T1566). Using common services, such as those offered by Google, GitHub, or Twitter, makes it easier for adversaries to hide in expected noise.(Citation: FireEye APT29)(Citation: Hacker News GitHub Abuse 2024) By utilizing a web service, adversaries can make it difficult to physically tie back operations to them.
Platforms
Mitigations
- M1056 — Pre-compromise
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Our coverage
- Vercel's v0.dev AI Tool Weaponized for Phishing Campaigns Targeting Microsoft, Nike Users
- PyPI Malware Campaign Abuses Zulip Chat API as Command-and-Control Channel
- Braintrust AWS Breach Exposes AI Provider API Keys, All Customers Ordered to Rotate Secrets
- SHA-1 Algorithm Explained: How It Works, Step by Step
- APT28 Targets Western Logistics and Tech Firms Supporting Ukraine Aid
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →